Export limit exceeded: 364939 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364939 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-12178 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2026-01-22 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-64691 | 1 Aveva | 1 Process Optimization | 2026-01-22 | 8.8 High |
| The vulnerability, if exploited, could allow an authenticated miscreant (OS standard user) to tamper with TCL Macro scripts and escalate privileges to OS system, potentially resulting in complete compromise of the model application server. | ||||
| CVE-2025-64729 | 1 Aveva | 1 Process Optimization | 2026-01-22 | 8.1 High |
| The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optimization project files, embed code, and escalate their privileges to the identity of a victim user who subsequently interacts with the project files. | ||||
| CVE-2025-65117 | 1 Aveva | 1 Process Optimization | 2026-01-22 | 7.4 High |
| The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements. | ||||
| CVE-2025-65118 | 1 Aveva | 2 Application Server, Process Optimization | 2026-01-22 | 8.8 High |
| The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimization services into loading arbitrary code and escalate privileges to OS System, potentially resulting in complete compromise of the Model Application Server. | ||||
| CVE-2025-64769 | 1 Aveva | 1 Process Optimization | 2026-01-22 | 7.1 High |
| The Process Optimization application suite leverages connection channels/protocols that by-default are not encrypted and could become subject to hijacking or data leakage in certain man-in-the-middle or passive inspection scenarios. | ||||
| CVE-2021-41739 | 1 Articatech | 1 Artica Proxy | 2026-01-22 | 9.8 Critical |
| A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp. | ||||
| CVE-2025-68151 | 1 Coredns.io | 1 Coredns | 2026-01-22 | 7.5 High |
| CoreDNS is a DNS server that chains plugins. Prior to version 1.14.0, multiple CoreDNS server implementations (gRPC, HTTPS, and HTTP/3) lack critical resource-limiting controls. An unauthenticated remote attacker can exhaust memory and degrade or crash the server by opening many concurrent connections, streams, or sending oversized request bodies. The issue is similar in nature to CVE-2025-47950 (QUIC DoS) but affects additional server types that do not enforce connection limits, stream limits, or message size constraints. Version 1.14.0 contains a patch. | ||||
| CVE-2025-31963 | 1 Hcltech | 1 Bigfix Insights For Vulnerability Remediation | 2026-01-22 | 2.9 Low |
| Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local attacker to perform unauthorized configuration changes via unauthenticated administrative configuration requests. | ||||
| CVE-2024-53252 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-53251 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-53250 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-53249 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-53248 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-45743 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-45742 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-45730 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-45729 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-45728 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||
| CVE-2024-45727 | 2026-01-22 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. | ||||