Export limit exceeded: 366625 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366625 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-30062 1 Microsoft 5 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 2 more 2025-12-17 7.8 High
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
CVE-2024-29060 1 Microsoft 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 2025-12-17 6.7 Medium
Visual Studio Elevation of Privilege Vulnerability
CVE-2024-35260 1 Microsoft 1 Power Platform 2025-12-17 8 High
An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network.
CVE-2024-38082 1 Microsoft 2 Edge, Edge Chromium 2025-12-17 4.7 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2024-38093 1 Microsoft 2 Edge, Edge Chromium 2025-12-17 4.3 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2024-35255 2 Microsoft, Redhat 12 Authentication Library, Azure Identity Library For .net, Azure Identity Library For C Plus Plus and 9 more 2025-12-17 5.5 Medium
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
CVE-2024-35250 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2025-12-17 7.8 High
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-30082 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2025-12-17 7.8 High
Win32k Elevation of Privilege Vulnerability
CVE-2024-30080 1 Microsoft 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more 2025-12-17 9.8 Critical
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-30078 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2025-12-17 8.8 High
Windows Wi-Fi Driver Remote Code Execution Vulnerability
CVE-2024-30077 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2025-12-17 8 High
Windows OLE Remote Code Execution Vulnerability
CVE-2024-30076 1 Microsoft 17 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 14 more 2025-12-17 6.8 Medium
Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2024-30075 1 Microsoft 3 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 2025-12-17 8 High
Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
CVE-2024-30074 1 Microsoft 3 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 2025-12-17 8 High
Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
CVE-2024-30072 1 Microsoft 6 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 3 more 2025-12-17 7.8 High
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
CVE-2024-30070 1 Microsoft 4 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 1 more 2025-12-17 7.5 High
DHCP Server Service Denial of Service Vulnerability
CVE-2024-30069 1 Microsoft 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more 2025-12-17 4.7 Medium
Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2021-4189 4 Debian, Netapp, Python and 1 more 6 Debian Linux, Ontap Select Deploy Administration Utility, Python and 3 more 2025-12-17 5.3 Medium
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.
CVE-2021-3737 6 Canonical, Fedoraproject, Netapp and 3 more 18 Ubuntu Linux, Fedora, Hci and 15 more 2025-12-17 7.5 High
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
CVE-2021-28957 6 Debian, Fedoraproject, Lxml and 3 more 7 Debian Linux, Fedora, Lxml and 4 more 2025-12-17 6.1 Medium
An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.