Export limit exceeded: 363286 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363286 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-24452 1 Microsoft 1 Hevc Video Extensions 2025-07-08 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-22007 1 Microsoft 1 Hevc Video Extensions 2025-07-08 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-22006 1 Microsoft 1 Hevc Video Extensions 2025-07-08 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-23301 1 Microsoft 1 Hevc Video Extensions 2025-07-08 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-23300 1 Microsoft 1 Raw Image Extension 2025-07-08 7.8 High
Raw Image Extension Remote Code Execution Vulnerability
CVE-2022-23299 1 Microsoft 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more 2025-07-08 7.8 High
Windows PDEV Elevation of Privilege Vulnerability
CVE-2022-23298 1 Microsoft 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more 2025-07-08 7 High
Windows NT OS Kernel Elevation of Privilege Vulnerability
CVE-2022-23291 1 Microsoft 12 Windows 10, Windows 10 1809, Windows 10 1909 and 9 more 2025-07-08 7.8 High
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-23290 1 Microsoft 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more 2025-07-08 7.8 High
Windows Inking COM Elevation of Privilege Vulnerability
CVE-2022-23266 1 Microsoft 1 Defender For Iot 2025-07-08 7.8 High
Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2022-23265 1 Microsoft 1 Defender For Iot 2025-07-08 7.2 High
Microsoft Defender for IoT Remote Code Execution Vulnerability
CVE-2022-21990 1 Microsoft 24 Remote Desktop, Windows 10, Windows 10 1507 and 21 more 2025-07-08 8.8 High
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-21977 1 Microsoft 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more 2025-07-08 3.3 Low
Media Foundation Information Disclosure Vulnerability
CVE-2023-50191 1 Trimble 1 Sketchup Viewer 2025-07-08 N/A
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21785.
CVE-2023-50196 1 Trimble 1 Sketchup Viewer 2025-07-08 N/A
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21800.
CVE-2025-20264 1 Cisco 2 Identity Services Engine, Identity Services Engine Software 2025-07-08 6.4 Medium
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms for users created by SAML SSO integration with an external identity provider. An attacker could exploit this vulnerability by submitting a series of specific commands to an affected device. A successful exploit could allow the attacker to modify a limited number of system settings, including some that would result in a system restart. In single-node Cisco ISE deployments, devices that are not authenticated to the network will not be able to authenticate until the Cisco ISE system comes back online. 
CVE-2025-6915 1 Phpgurukul 1 Student Record System 2025-07-08 6.3 Medium
A vulnerability, which was classified as critical, has been found in PHPGurukul Student Record System 3.2. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument session leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-5832 1 Pioneer 2 Dmh-wt7600nex, Dmh-wt7600nex Firmware 2025-07-08 N/A
Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the software update verification process. The issue results from the lack of validating all the data in the software update. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26079.
CVE-2025-5833 1 Pioneer 2 Dmh-wt7600nex, Dmh-wt7600nex Firmware 2025-07-08 6.8 Medium
Pioneer DMH-WT7600NEX Root Filesystem Insufficient Verification of Data Authenticity Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the operating system. The issue results from the lack of properly configured protection for the root file system. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26077.
CVE-2025-5834 1 Pioneer 2 Dmh-wt7600nex, Dmh-wt7600nex Firmware 2025-07-08 7.8 High
Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the configuration of the application system-on-chip (SoC). The issue results from the lack of a properly configured hardware root of trust. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the boot process. Was ZDI-CAN-26078.