Export limit exceeded: 344630 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10133 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10133 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-35836 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2025-03-11 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2022-35835 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2025-03-11 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2022-35834 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2025-03-11 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2022-35830 | 1 Microsoft | 8 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 5 more | 2025-03-11 | 8.1 High |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | ||||
| CVE-2022-34700 | 1 Microsoft | 1 Dynamics 365 | 2025-03-11 | 8.8 High |
| Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | ||||
| CVE-2022-35805 | 1 Microsoft | 1 Dynamics 365 | 2025-03-11 | 8.8 High |
| Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | ||||
| CVE-2022-30200 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2025-03-11 | 7.8 High |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | ||||
| CVE-2022-37961 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2025-03-11 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2022-38009 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2025-03-11 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2022-38008 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2025-03-11 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2022-35823 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2025-03-11 | 8.8 High |
| Microsoft SharePoint Remote Code Execution Vulnerability | ||||
| CVE-2022-26929 | 1 Microsoft | 12 .net, .net Framework, Windows 10 and 9 more | 2025-03-11 | 7.8 High |
| .NET Framework Remote Code Execution Vulnerability | ||||
| CVE-2023-27372 | 2 Debian, Spip | 2 Debian Linux, Spip | 2025-03-11 | 9.8 Critical |
| SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. | ||||
| CVE-2023-22747 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-11 | 9.8 Critical |
| There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22753 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-11 | 8.1 High |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22752 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-11 | 9.8 Critical |
| There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2022-29823 | 1 Feathersjs | 1 Feathers-sequelize | 2025-03-11 | 10 Critical |
| Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application. | ||||
| CVE-2024-27114 | 2 So Planning, Soplanning | 2 Simple Online Planning, Soplanning | 2025-03-11 | 9.8 Critical |
| A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be available for execution for a few milliseconds before it is removed, leading to execution of code on the underlying system. The vulnerability has been remediated in version 1.52.02. | ||||
| CVE-2024-27115 | 2 Simple Online Planning, Soplanning | 2 So Planning, Soplanning | 2025-03-11 | 9.8 Critical |
| A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files that are moved to a publicly accessible folder before verifying any requirements. This leads to the possibility of execution of code on the underlying system when the file is triggered. The vulnerability has been remediated in version 1.52.02. | ||||
| CVE-2024-43663 | 2025-03-11 | 9.8 Critical | ||
| There are many buffer overflow vulnerabilities present in several CGI binaries of the charging station.This issue affects Iocharger firmware for AC model chargers beforeversion 24120701. Likelihood: High – Given the prevalence of these buffer overflows, and the clear error message of the web server, an attacker is very likely to be able to find these vulnerabilities. Impact: Low – Usually, overflowing one of these buffers just causes a segmentation fault of the CGI binary, which causes the web server to return a 502 Bad Gateway error. However the webserver itself is not affected, and no DoS can be achieved. Abusing these buffer overflows in a meaningful way requires highly technical knowledge, especially since ASLR also seems to be enabled on the charging station. However, a skilled attacker might be able to use one of these buffer overflows to obtain remote code execution. CVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The attack has a small impact on the availability of the device (VC:N/VI:N/VA:L). There is no impact on subsequent systems. (SC:N/SI:N/SA:N). While this device is an EV charger handing significant amounts of power, we do not expect this vulnerability to have a safety impact. The attack can be automated (AU:Y). | ||||