Total
530 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21365 | 2025-01-15 | 7.8 High | ||
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2020-8094 | 2025-01-15 | N/A | ||
| An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file. | ||||
| CVE-2024-13158 | 2025-01-14 | 7.2 High | ||
| An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
| CVE-2025-0459 | 2025-01-14 | 5.3 Medium | ||
| A vulnerability, which was classified as problematic, has been found in libretro RetroArch up to 1.19.1 on Windows. Affected by this issue is some unknown functionality in the library profapi.dll of the component Startup. The manipulation leads to untrusted search path. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-7886 | 1 Scootersoftware | 1 Beyond Compare | 2025-01-10 | 7.8 High |
| A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The real existence of this vulnerability is still doubted at the moment. The vendor explains that a system must be breached before exploiting this issue. They are not planning on making any changes to address it. | ||||
| CVE-2024-35260 | 2025-01-09 | 8 High | ||
| An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network. | ||||
| CVE-2024-20693 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-08 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-36422 | 1 Microsoft | 1 Windows Defender | 2025-01-08 | 7.8 High |
| Microsoft Windows Defender Elevation of Privilege Vulnerability | ||||
| CVE-2022-22047 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-01-02 | 7.8 High |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | ||||
| CVE-2023-36003 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-01-01 | 6.7 Medium |
| XAML Diagnostics Elevation of Privilege Vulnerability | ||||
| CVE-2023-36393 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-01 | 7.8 High |
| Windows User Interface Application Core Remote Code Execution Vulnerability | ||||
| CVE-2023-36778 | 1 Microsoft | 1 Exchange Server | 2025-01-01 | 8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36780 | 1 Microsoft | 1 Skype For Business Server | 2025-01-01 | 7.2 High |
| Skype for Business Remote Code Execution Vulnerability | ||||
| CVE-2023-41766 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-01 | 7.8 High |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | ||||
| CVE-2023-36898 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2025-01-01 | 7.8 High |
| Tablet Windows User Interface Application Core Remote Code Execution Vulnerability | ||||
| CVE-2023-35343 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-01-01 | 7.8 High |
| Windows Geolocation Service Remote Code Execution Vulnerability | ||||
| CVE-2023-21764 | 1 Microsoft | 1 Exchange Server | 2025-01-01 | 7.8 High |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | ||||
| CVE-2023-21763 | 1 Microsoft | 1 Exchange Server | 2025-01-01 | 7.8 High |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | ||||
| CVE-2024-49043 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-01 | 7.8 High |
| Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability | ||||
| CVE-2024-43616 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-12-31 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||