Export limit exceeded: 29893 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3608 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38136 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-07-10 | 7 High |
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | ||||
| CVE-2024-38191 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2025-07-10 | 7.8 High |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-2913 | 1 Mintplexlabs | 1 Anythingllm | 2025-07-09 | N/A |
| A race condition vulnerability exists in the mintplex-labs/anything-llm repository, specifically within the user invite acceptance process. Attackers can exploit this vulnerability by sending multiple concurrent requests to accept a single user invite, allowing the creation of multiple user accounts from a single invite link intended for only one user. This bypasses the intended security mechanism that restricts invite acceptance to a single user, leading to unauthorized user creation without detection in the invite tab. The issue is due to the lack of validation for concurrent requests in the backend. | ||||
| CVE-2024-6250 | 1 Lollms | 1 Lollms Web Ui | 2025-07-09 | N/A |
| An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the `open_file` endpoint of `lollms_advanced.py`. The `sanitize_path` function with `allow_absolute_path=True` allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability can be exploited to read any file and list arbitrary directories on the affected system. | ||||
| CVE-2025-0759 | 3 Ibm, Linux, Microsoft | 3 Entirex, Linux Kernel, Windows | 2025-07-08 | 3.3 Low |
| IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization. | ||||
| CVE-2024-10047 | 1 Lollms | 1 Lollms Web Ui | 2025-07-08 | N/A |
| parisneo/lollms-webui versions v9.9 to the latest are vulnerable to a directory listing vulnerability. An attacker can list arbitrary directories on a Windows system by sending a specially crafted HTTP request to the /open_file endpoint. | ||||
| CVE-2024-49046 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 7.8 High |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | ||||
| CVE-2024-43452 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more | 2025-07-08 | 7.5 High |
| Windows Registry Elevation of Privilege Vulnerability | ||||
| CVE-2024-43511 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | 7 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2022-30214 | 1 Microsoft | 4 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 1 more | 2025-07-08 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2022-30212 | 1 Microsoft | 11 Windows 10, Windows 10 1809, Windows 10 20h2 and 8 more | 2025-07-08 | 4.7 Medium |
| Windows Connected Devices Platform Service Information Disclosure Vulnerability | ||||
| CVE-2022-30205 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2025-07-08 | 6.6 Medium |
| Windows Group Policy Elevation of Privilege Vulnerability | ||||
| CVE-2022-24525 | 1 Microsoft | 9 Windows 10, Windows 10 1909, Windows 10 20h2 and 6 more | 2025-07-08 | 7 High |
| Windows Update Stack Elevation of Privilege Vulnerability | ||||
| CVE-2022-23283 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2025-07-08 | 7 High |
| Windows ALPC Elevation of Privilege Vulnerability | ||||
| CVE-2022-21975 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2025-07-08 | 4.7 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2022-24505 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2025-07-08 | 7 High |
| Windows ALPC Elevation of Privilege Vulnerability | ||||
| CVE-2024-36621 | 1 Mobyproject | 1 Moby | 2025-07-02 | 6.5 Medium |
| moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion. | ||||
| CVE-2024-36623 | 1 Mobyproject | 1 Moby | 2025-07-02 | 8.1 High |
| moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes. | ||||
| CVE-2023-40597 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2025-07-01 | 7.8 High |
| In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk. | ||||
| CVE-2024-34732 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||