Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4561 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-20657 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-05-03 7 High
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2024-21364 1 Microsoft 1 Azure Site Recovery 2025-05-03 9.3 Critical
Microsoft Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2024-20695 1 Microsoft 1 Skype For Business Server 2025-05-03 5.7 Medium
Skype for Business Information Disclosure Vulnerability
CVE-2024-21401 1 Microsoft 1 Entra Jira Sso Plugin 2025-05-03 9.8 Critical
Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability
CVE-2024-21436 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 7.8 High
Windows Installer Elevation of Privilege Vulnerability
CVE-2024-21418 1 Linuxfoundation 1 Software For Open Networking In The Cloud 2025-05-03 7.8 High
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
CVE-2024-26203 1 Microsoft 1 Azure Data Studio 2025-05-03 7.3 High
Azure Data Studio Elevation of Privilege Vulnerability
CVE-2024-26201 1 Microsoft 1 Intune Company Portal 2025-05-03 6.6 Medium
Microsoft Intune Linux Agent Elevation of Privilege Vulnerability
CVE-2024-29993 1 Microsoft 1 Azure Cyclecloud 2025-05-03 8.8 High
Azure CycleCloud Elevation of Privilege Vulnerability
CVE-2024-29054 1 Microsoft 1 Defender For Iot 2025-05-03 7.2 High
Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-29055 1 Microsoft 1 Defender For Iot 2025-05-03 7.2 High
Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-28917 1 Microsoft 7 Azure Arc Extension Microsoft.azstackhci.operator, Azure Arc Extension Microsoft.azure.hybridnetwork, Azure Arc Extension Microsoft.azurekeyvaultsecretsprovider and 4 more 2025-05-03 6.2 Medium
Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
CVE-2024-26234 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 6.7 Medium
Proxy Driver Spoofing Vulnerability
CVE-2024-29990 1 Microsoft 1 Azure Kubernetes Service Confidential Containers 2025-05-03 9 Critical
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVE-2024-28922 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-05-03 4.1 Medium
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-21424 1 Microsoft 1 Azure Compute Gallery 2025-05-03 6.5 Medium
Azure Compute Gallery Elevation of Privilege Vulnerability
CVE-2024-30059 1 Microsoft 1 Intune Mobile Application Management 2025-05-03 6.1 Medium
Microsoft Intune for Android Mobile Application Management Tampering Vulnerability
CVE-2022-42707 1 Mahara 1 Mahara 2025-05-02 7.5 High
In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible without a sufficient permission check under certain conditions.
CVE-2024-13102 1 Dlink 2 Dir-816, Dir-816 Firmware 2025-05-02 5.3 Medium
A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-13103 1 Dlink 2 Dir-816, Dir-816 Firmware 2025-05-02 5.3 Medium
A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.