Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (786 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-8530 1 Schneider-electric 1 Data Center Expert 2024-10-17 5.9 Medium
CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS.
CVE-2024-8422 1 Schneider-electric 1 Zelio Soft 2 2024-10-16 7.8 High
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file.
CVE-2024-8531 1 Schneider-electric 1 Data Center Expert 2024-10-15 7.2 High
CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash scripts that are executed as root.
CVE-2024-9002 1 Schneider-electric 1 Easergy Studio 2024-10-15 7.8 High
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity, and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries
CVE-2024-8306 1 Schneider-electric 2 Vijeo Designer, Vijeo Designer Embedded In Ecostruxure Machine Expert 2024-09-18 7.8 High
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries.
CVE-2024-6918 1 Schneider-electric 1 Accutech Manager 2024-09-03 7.5 High
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause a crash of the Accutech Manager when receiving a specially crafted request over port 2536/TCP.