Export limit exceeded: 347399 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347399 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 35012 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35012 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20663 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-06-03 | 6.5 Medium |
| Windows Message Queuing Client (MSMQC) Information Disclosure | ||||
| CVE-2024-21316 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 7 more | 2025-06-03 | 6.1 Medium |
| Windows Server Key Distribution Service Security Feature Bypass | ||||
| CVE-2024-20681 | 1 Microsoft | 7 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 4 more | 2025-06-03 | 7.8 High |
| Windows Subsystem for Linux Elevation of Privilege Vulnerability | ||||
| CVE-2024-21319 | 2 Microsoft, Redhat | 5 .net, Identity Model, Visual Studio 2022 and 2 more | 2025-06-03 | 6.8 Medium |
| Microsoft Identity Denial of service vulnerability | ||||
| CVE-2024-22028 | 1 3rrr-btob | 12 3r-tmc01, 3r-tmc01 Firmware, 3r-tmc02 and 9 more | 2025-06-03 | 4.6 Medium |
| Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data. | ||||
| CVE-2023-6843 | 1 Easy.jobs | 1 Easy.jobs | 2025-06-03 | 4.3 Medium |
| The easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg WordPress plugin before 2.4.7 does not properly secure some of its AJAX actions, allowing any logged-in users to modify its settings. | ||||
| CVE-2023-50440 | 1 Primx | 3 Zed\!, Zedmail, Zonecentral | 2025-06-03 | 5.5 Medium |
| ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; ZED! for Windows, Mac, Linux before 2023.5; ZEDFREE for Windows, Mac, Linux before 2023.5; or ZEDPRO for Windows, Mac, Linux before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger network access to an attacker-controlled computer when opened by the victim. | ||||
| CVE-2024-21337 | 1 Microsoft | 1 Edge Chromium | 2025-06-03 | 5.2 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2023-49647 | 2 Microsoft, Zoom | 5 Windows, Meeting Software Development Kit, Video Software Development Kit and 2 more | 2025-06-03 | 8.8 High |
| Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2024-20721 | 2 Adobe, Microsoft | 2 Acrobat, Edge Chromium | 2025-06-03 | 5.5 Medium |
| Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-2264 | 1 Selinc | 2 Sel-411l, Sel-411l Firmware | 2025-06-03 | 4 Medium |
| An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior. See product Instruction Manual Appendix A dated 20230830 for more details. | ||||
| CVE-2023-40699 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-06-03 | 7.5 High |
| IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. | ||||
| CVE-2023-52109 | 1 Huawei | 2 Emui, Harmonyos | 2025-06-02 | 7.5 High |
| Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2023-52108 | 1 Huawei | 2 Emui, Harmonyos | 2025-06-02 | 7.5 High |
| Vulnerability of process priorities being raised in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-52104 | 1 Huawei | 2 Emui, Harmonyos | 2025-06-02 | 7.5 High |
| Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2023-52100 | 1 Huawei | 1 Harmonyos | 2025-06-02 | 7.5 High |
| The Celia Keyboard module has a vulnerability in access control. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-39691 | 1 Kodcloud | 1 Kodbox | 2025-06-02 | 9.8 Critical |
| An issue discovered in kodbox through 1.43 allows attackers to arbitrarily add Administrator accounts via crafted GET request. | ||||
| CVE-2024-45691 | 1 Moodle | 1 Moodle | 2025-06-02 | 5.4 Medium |
| A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values. | ||||
| CVE-2024-20272 | 1 Cisco | 1 Unity Connection | 2025-06-02 | 7.3 High |
| A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system and execute commands on the underlying operating system. This vulnerability is due to a lack of authentication in a specific API and improper validation of user-supplied data. An attacker could exploit this vulnerability by uploading arbitrary files to an affected system. A successful exploit could allow the attacker to store malicious files on the system, execute arbitrary commands on the operating system, and elevate privileges to root. | ||||
| CVE-2023-5922 | 1 Royal-elementor-addons | 1 Royal Elementor Addons | 2025-06-02 | 7.5 High |
| The Royal Elementor Addons and Templates WordPress plugin before 1.3.81 does not ensure that users accessing posts via an AJAX action (and REST endpoint, currently disabled in the plugin) have the right to do so, allowing unauthenticated users to access arbitrary draft, private and password protected posts/pages content | ||||