Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (619 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-8327 1 Microsoft 2 Powershell, Powershell Editor Services 2025-07-16 9.8 Critical
A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension.
CVE-2025-47966 1 Microsoft 2 Power Automate, Power Automate For Desktop 2025-07-11 9.8 Critical
Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.
CVE-2023-24943 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-07-10 9.8 Critical
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-24941 1 Microsoft 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more 2025-07-10 9.8 Critical
Windows Network File System Remote Code Execution Vulnerability
CVE-2024-38175 1 Microsoft 1 Azure Managed Instance For Apache Cassandra 2025-07-10 9.6 Critical
An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network.
CVE-2024-38109 1 Microsoft 1 Azure Health Bot 2025-07-10 9.1 Critical
An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.
CVE-2024-38140 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-10 9.8 Critical
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
CVE-2024-38063 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-10 9.8 Critical
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-38199 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-10 9.8 Critical
Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
CVE-2024-38160 1 Microsoft 2 Windows 10 1607, Windows Server 2016 2025-07-10 9.1 Critical
Windows Network Virtualization Remote Code Execution Vulnerability
CVE-2024-38159 1 Microsoft 2 Windows 10 1607, Windows Server 2016 2025-07-10 9.1 Critical
Windows Network Virtualization Remote Code Execution Vulnerability
CVE-2024-38108 1 Microsoft 1 Azure Stack Hub 2025-07-10 9.3 Critical
Azure Stack Hub Spoofing Vulnerability
CVE-2024-52928 2 Microsoft, Thebrowser 2 Windows, Arc 2025-07-10 9.6 Critical
Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website.
CVE-2024-43639 1 Microsoft 6 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 3 more 2025-07-08 9.8 Critical
Windows KDC Proxy Remote Code Execution Vulnerability
CVE-2024-43498 4 Apple, Linux, Microsoft and 1 more 6 Macos, Linux Kernel, .net and 3 more 2025-07-08 9.8 Critical
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-49038 1 Microsoft 1 Copilot Studio 2025-07-08 9.3 Critical
Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network.
CVE-2024-43602 1 Microsoft 1 Azure Cyclecloud 2025-07-08 9.9 Critical
Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-43468 1 Microsoft 1 Configuration Manager 2025-07-08 9.8 Critical
Microsoft Configuration Manager Remote Code Execution Vulnerability
CVE-2024-38124 1 Microsoft 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more 2025-07-08 9 Critical
Windows Netlogon Elevation of Privilege Vulnerability
CVE-2024-9194 3 Linux, Microsoft, Octopus 3 Linux Kernel, Windows, Octopus Server 2025-07-02 9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Linux and Microsoft Windows Octopus Server on Windows, Linux allows SQL Injection.This issue affects Octopus Server: from 2024.1.0 before 2024.1.13038, from 2024.2.0 before 2024.2.9482, from 2024.3.0 before 2024.3.12766.