Export limit exceeded: 10154 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10154 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28921 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-05-03 | 6.7 Medium |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-28920 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-03 | 7.8 High |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-26250 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-05-03 | 6.7 Medium |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-20665 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-05-03 | 6.1 Medium |
| BitLocker Security Feature Bypass Vulnerability | ||||
| CVE-2024-20669 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-05-03 | 6.7 Medium |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-30043 | 1 Microsoft | 1 Sharepoint Server | 2025-05-03 | 6.5 Medium |
| Microsoft SharePoint Server Information Disclosure Vulnerability | ||||
| CVE-2024-30041 | 1 Microsoft | 1 Bing Search | 2025-05-03 | 5.4 Medium |
| Microsoft Bing Search Spoofing Vulnerability | ||||
| CVE-2024-30050 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 5.4 Medium |
| Windows Mark of the Web Security Feature Bypass Vulnerability | ||||
| CVE-2022-43985 | 1 Apache | 1 Airflow | 2025-05-02 | 6.1 Medium |
| In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's `/confirm` endpoint. | ||||
| CVE-2022-40230 | 1 Ibm | 1 Mq Appliance | 2025-05-02 | 6.5 Medium |
| "IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235532." | ||||
| CVE-2022-37911 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-05-02 | 3.8 Low |
| Due to improper restrictions on XML entities multiple vulnerabilities exist in the command line interface of ArubaOS. A successful exploit could allow an authenticated attacker to retrieve files from the local system or cause the application to consume system resources, resulting in a denial of service condition. | ||||
| CVE-2022-32609 | 2 Google, Mediatek | 32 Android, Mt6762, Mt6768 and 29 more | 2025-05-02 | 6.4 Medium |
| In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203410; Issue ID: ALPS07203410. | ||||
| CVE-2022-28763 | 1 Zoom | 3 Meetings, Rooms For Conference Rooms, Virtual Desktop Infrastructure | 2025-05-02 | 8.8 High |
| The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including session takeovers. | ||||
| CVE-2022-39018 | 1 M-files | 1 Hubshare | 2025-05-02 | 8.2 High |
| Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL. | ||||
| CVE-2025-24339 | 2025-05-02 | 5 Medium | ||
| A vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the vulnerable system, including web cache poisoning or Man-in-the-Middle (MitM), via a crafted HTTP request. | ||||
| CVE-2024-47784 | 2025-05-02 | 2.6 Low | ||
| Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI This issue affects ANC software version 1.1.4 and earlier. | ||||
| CVE-2022-3486 | 1 Gitlab | 1 Gitlab | 2025-05-01 | 4.7 Medium |
| An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to redirect users to an arbitrary location if they trust the URL. | ||||
| CVE-2022-3280 | 1 Gitlab | 1 Gitlab | 2025-05-01 | 3.5 Low |
| An open redirect in GitLab CE/EE affecting all versions from 10.1 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick users into visiting a trustworthy URL and being redirected to arbitrary content. | ||||
| CVE-2022-32610 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6768 and 30 more | 2025-05-01 | 6.4 Medium |
| In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203476; Issue ID: ALPS07203476. | ||||
| CVE-2022-27516 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2025-05-01 | 5.3 Medium |
| User login brute force protection functionality bypass | ||||