Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (35170 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-36725 1 Microsoft 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more 2025-04-14 7.8 High
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36726 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.8 High
Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability
CVE-2023-36728 1 Microsoft 3 Odbc Driver For Sql Server, Ole Db Driver For Sql Server, Sql Server 2025-04-14 5.5 Medium
Microsoft SQL Server Denial of Service Vulnerability
CVE-2023-36729 1 Microsoft 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more 2025-04-14 7.8 High
Named Pipe File System Elevation of Privilege Vulnerability
CVE-2023-36730 1 Microsoft 2 Odbc Driver For Sql Server, Sql Server 2025-04-14 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-36731 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.8 High
Win32k Elevation of Privilege Vulnerability
CVE-2023-36732 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.8 High
Win32k Elevation of Privilege Vulnerability
CVE-2023-41772 1 Microsoft 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more 2025-04-14 7.8 High
Win32k Elevation of Privilege Vulnerability
CVE-2023-41766 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.8 High
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2023-36789 1 Microsoft 1 Skype For Business Server 2025-04-14 7.2 High
Skype for Business Remote Code Execution Vulnerability
CVE-2023-36786 1 Microsoft 1 Skype For Business Server 2025-04-14 7.2 High
Skype for Business Remote Code Execution Vulnerability
CVE-2023-36737 1 Microsoft 1 Azure Network Watcher 2025-04-14 7.8 High
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2023-38171 1 Microsoft 4 .net, Visual Studio 2022, Windows 11 22h2 and 1 more 2025-04-14 7.5 High
Microsoft QUIC Denial of Service Vulnerability
CVE-2023-35349 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 9.8 Critical
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2022-4515 3 Debian, Exuberant Ctags Project, Redhat 3 Debian Linux, Exuberant Ctags, Enterprise Linux 2025-04-14 7.8 High
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way.
CVE-2022-4287 1 Devolutions 1 Remote Desktop Manager 2025-04-14 8.8 High
Authentication bypass in local application lock feature in Devolutions Remote Desktop ManagerĀ  2022.3.26 and earlier on Windows allows malicious user to access the application.
CVE-2022-4130 1 Redhat 3 Satellite, Satellite Capsule, Satellite Utils 2025-04-14 4.5 Medium
A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
CVE-2021-35954 1 Fastrack 2 Reflex 2.0, Reflex 2.0 Firmware 2025-04-14 8.1 High
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug (SWD) feature.
CVE-2021-35953 1 Fastrack 2 Reflex 2.0, Reflex 2.0 Firmware 2025-04-14 7.5 High
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows a Remote attacker to cause a Denial of Service (device outage) via crafted choices of the last three bytes of a characteristic value.
CVE-2021-35952 1 Fastrack 2 Reflex 2.0, Reflex 2.0 Firmware 2025-04-14 5.3 Medium
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017.