Export limit exceeded: 341647 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341647 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-32715 | 1 Olivethemes | 1 Olive One Click Demo Import | 2025-05-29 | 5.3 Medium |
| Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | ||||
| CVE-2024-36302 | 1 Trendmicro | 1 Apex One | 2025-05-29 | 7.8 High |
| An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2024-36303. | ||||
| CVE-2023-46309 | 1 Gvectors | 1 Wpdiscuz | 2025-05-29 | 5.3 Medium |
| Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.10. | ||||
| CVE-2022-35772 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2025-05-29 | 7.2 High |
| Azure Site Recovery Remote Code Execution Vulnerability | ||||
| CVE-2022-35771 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-05-29 | 7.8 High |
| Windows Defender Credential Guard Elevation of Privilege Vulnerability | ||||
| CVE-2022-35769 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-05-29 | 7.5 High |
| Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | ||||
| CVE-2022-35767 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-05-29 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2022-35766 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-05-29 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2022-35765 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2025-05-29 | 7.8 High |
| Storage Spaces Direct Elevation of Privilege Vulnerability | ||||
| CVE-2022-35764 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2025-05-29 | 7.8 High |
| Storage Spaces Direct Elevation of Privilege Vulnerability | ||||
| CVE-2022-35763 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2025-05-29 | 7.8 High |
| Storage Spaces Direct Elevation of Privilege Vulnerability | ||||
| CVE-2022-35762 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2025-05-29 | 7.8 High |
| Storage Spaces Direct Elevation of Privilege Vulnerability | ||||
| CVE-2022-35761 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-05-29 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2022-34716 | 2 Microsoft, Redhat | 5 .net, .net Core, Powershell and 2 more | 2025-05-29 | 5.9 Medium |
| .NET Spoofing Vulnerability | ||||
| CVE-2024-5246 | 1 Netgear | 2 Prosafe Network Management Software 300, Prosafe Network Management System | 2025-05-29 | 8.8 High |
| NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the product installer. The issue results from the use of a vulnerable version of Apache Tomcat. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22868. | ||||
| CVE-2024-40505 | 1 Dlink | 2 Dap-1650, Dap-1650 Firmware | 2025-05-29 | 9.3 Critical |
| Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component. | ||||
| CVE-2025-29690 | 1 Hailey888 | 1 Oa System | 2025-05-29 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the outtype parameter at /address/AddrController.java. | ||||
| CVE-2025-29689 | 1 Hailey888 | 1 Oa System | 2025-05-29 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the password parameter at /mail/MailController.java. | ||||
| CVE-2025-29688 | 1 Hailey888 | 1 Oa System | 2025-05-29 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /daymanager/daymanageabilitycontroller.java. | ||||
| CVE-2025-29686 | 1 Hailey888 | 1 Oa System | 2025-05-29 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /inform/InformManageController.java. | ||||