Export limit exceeded: 10034 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10034 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36796 | 1 Microsoft | 16 .net, .net Framework, Visual Studio 2017 and 13 more | 2025-10-30 | 7.8 High |
| Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2023-38155 | 1 Microsoft | 1 Azure Devops Server | 2025-10-30 | 7 High |
| Azure DevOps Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36736 | 1 Microsoft | 1 Identity Linux Broker | 2025-10-30 | 4.4 Medium |
| Microsoft Identity Linux Broker Remote Code Execution Vulnerability | ||||
| CVE-2023-36742 | 1 Microsoft | 1 Visual Studio Code | 2025-10-30 | 7.8 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2023-36744 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36745 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36756 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2023-38146 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2025-10-30 | 8.8 High |
| Windows Themes Remote Code Execution Vulnerability | ||||
| CVE-2023-38147 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2025-10-30 | 8.8 High |
| Windows Miracast Wireless Display Remote Code Execution Vulnerability | ||||
| CVE-2023-38148 | 1 Microsoft | 4 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 1 more | 2025-10-30 | 8.8 High |
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | ||||
| CVE-2023-33136 | 1 Microsoft | 1 Azure Devops Server | 2025-10-30 | 8.8 High |
| Azure DevOps Server Remote Code Execution Vulnerability | ||||
| CVE-2024-43572 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2025-10-30 | 7.8 High |
| Microsoft Management Console Remote Code Execution Vulnerability | ||||
| CVE-2025-1316 | 1 Edimax | 2 Ic-7100, Ic-7100 Firmware | 2025-10-30 | 9.8 Critical |
| Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device | ||||
| CVE-2025-0994 | 1 Trimble | 1 Cityworks | 2025-10-30 | 8.8 High |
| Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services (IIS) web server. | ||||
| CVE-2019-18187 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2025-10-30 | 8.8 High |
| Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication. | ||||
| CVE-2025-62368 | 1 Taiga | 1 Taiga | 2025-10-30 | 9.1 Critical |
| Taiga is an open source project management platform. In versions 6.8.3 and earlier, a remote code execution vulnerability exists in the Taiga API due to unsafe deserialization of untrusted data. This issue is fixed in version 6.9.0. | ||||
| CVE-2025-56399 | 2 Alexusmai, Laravel | 2 Laravel-file-manager, Laravel | 2025-10-30 | 8.8 High |
| alexusmai laravel-file-manager 3.3.1 and before allows an authenticated attacker to achieve Remote Code Execution (RCE) through a crafted file upload. A file with a '.png` extension containing PHP code can be uploaded via the file manager interface. Although the upload appears to fail client-side validation, the file is still saved on the server. The attacker can then use the rename API to change the file extension to `.php`, and upon accessing it via a public URL, the server executes the embedded code. | ||||
| CVE-2025-11202 | 1 Win-cli-mcp-server | 1 Win-cli-mcp-server | 2025-10-30 | N/A |
| win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of win-cli-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the resolveCommandPath method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-27787. | ||||
| CVE-2025-31998 | 1 Hcltech | 2 Unica, Unica Centralized Offer Management | 2025-10-29 | 3.5 Low |
| HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information. An attacker can exploit use this information to exploit known vulnerabilities launch targeted attacks, such as remote code execution or denial of service. | ||||
| CVE-2021-33742 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-10-29 | 7.5 High |
| Windows MSHTML Platform Remote Code Execution Vulnerability | ||||