Export limit exceeded: 18084 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 10777 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10777 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2024-21401 1 Microsoft 1 Entra Jira Sso Plugin 2025-05-03 9.8 Critical
Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability
CVE-2024-21436 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 7.8 High
Windows Installer Elevation of Privilege Vulnerability
CVE-2024-21418 1 Linuxfoundation 1 Software For Open Networking In The Cloud 2025-05-03 7.8 High
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
CVE-2024-21390 1 Microsoft 1 Authenticator 2025-05-03 7.1 High
Microsoft Authenticator Elevation of Privilege Vulnerability
CVE-2024-26203 1 Microsoft 1 Azure Data Studio 2025-05-03 7.3 High
Azure Data Studio Elevation of Privilege Vulnerability
CVE-2024-26201 1 Microsoft 1 Intune Company Portal 2025-05-03 6.6 Medium
Microsoft Intune Linux Agent Elevation of Privilege Vulnerability
CVE-2024-21427 1 Microsoft 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more 2025-05-03 7.5 High
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2024-29993 1 Microsoft 1 Azure Cyclecloud 2025-05-03 8.8 High
Azure CycleCloud Elevation of Privilege Vulnerability
CVE-2024-29054 1 Microsoft 1 Defender For Iot 2025-05-03 7.2 High
Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-29055 1 Microsoft 1 Defender For Iot 2025-05-03 7.2 High
Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-28917 1 Microsoft 7 Azure Arc Extension Microsoft.azstackhci.operator, Azure Arc Extension Microsoft.azure.hybridnetwork, Azure Arc Extension Microsoft.azurekeyvaultsecretsprovider and 4 more 2025-05-03 6.2 Medium
Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
CVE-2024-26234 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 6.7 Medium
Proxy Driver Spoofing Vulnerability
CVE-2024-29990 1 Microsoft 1 Azure Kubernetes Service Confidential Containers 2025-05-03 9 Critical
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVE-2024-28922 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-05-03 4.1 Medium
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-21424 1 Microsoft 1 Azure Compute Gallery 2025-05-03 6.5 Medium
Azure Compute Gallery Elevation of Privilege Vulnerability
CVE-2024-26193 1 Microsoft 1 Azure Migrate 2025-05-03 6.4 Medium
Azure Migrate Remote Code Execution Vulnerability
CVE-2024-30059 1 Microsoft 1 Intune Mobile Application Management 2025-05-03 6.1 Medium
Microsoft Intune for Android Mobile Application Management Tampering Vulnerability
CVE-2022-39019 1 M-files 1 Hubshare 2025-05-02 6.3 Medium
Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server.
CVE-2022-42707 1 Mahara 1 Mahara 2025-05-02 7.5 High
In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible without a sufficient permission check under certain conditions.
CVE-2024-13102 1 Dlink 2 Dir-816, Dir-816 Firmware 2025-05-02 5.3 Medium
A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.