Search

Expected end of text, found '.' (at char 34), (line:1, col:35)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (309333 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-54898 2025-09-11 7.8 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54903 2025-09-11 7.8 High
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54093 2025-09-11 7 High
Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
CVE-2025-54099 2025-09-11 7 High
Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2025-54101 2025-09-11 4.8 Medium
Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network.
CVE-2025-54104 2025-09-11 6.7 Medium
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.
CVE-2025-54248 1 Adobe 1 Experience Manager 2025-09-11 7.7 High
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Scope is changed
CVE-2025-54910 2025-09-11 8.4 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-57064 1 Tenda 1 G3 2025-09-11 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-58990 1 Wordpress 1 Wordpress 2025-09-11 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasTech ShopLentor allows Stored XSS. This issue affects ShopLentor: from n/a through 3.2.0.
CVE-2025-53808 2025-09-11 6.7 Medium
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.
CVE-2025-53800 2025-09-11 7.8 High
No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2025-53805 2025-09-11 7.5 High
Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.
CVE-2025-54902 2025-09-11 7.8 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54905 2025-09-11 7.1 High
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2025-54906 2025-09-11 7.8 High
Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-54907 2025-09-11 7.8 High
Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
CVE-2025-54917 2025-09-11 4.3 Medium
Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-54918 2025-09-11 8.8 High
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
CVE-2025-54919 2025-09-11 7.5 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.