) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2021-37787 |
The unprivileged administrative interface in ABO.CMS version 5.8 through v.5.9.3 is affected by a SQL Injection vulnerability via a HTTP POST request to the TinyMCE module Published: March 11, 2025; 2:15:25 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-27172 |
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: March 11, 2025; 1:16:44 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-26645 |
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. Published: March 11, 2025; 1:16:44 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2025-26634 |
Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network. Published: March 11, 2025; 1:16:43 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2025-26633 |
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. Published: March 11, 2025; 1:16:43 PM -0400 |
V4.0:(not available) V3.1: 7.0 HIGH V2.0:(not available) |
| CVE-2025-26631 |
Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:43 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
| CVE-2025-26630 |
Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:42 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-26629 |
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:39 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-26627 |
Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:38 PM -0400 |
V4.0:(not available) V3.1: 7.0 HIGH V2.0:(not available) |
| CVE-2025-25008 |
Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:38 PM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
| CVE-2025-25003 |
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:38 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
| CVE-2025-24998 |
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:37 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
| CVE-2025-24997 |
Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally. Published: March 11, 2025; 1:16:37 PM -0400 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0:(not available) |
| CVE-2025-24996 |
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. Published: March 11, 2025; 1:16:36 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2025-24995 |
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:36 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24994 |
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:36 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
| CVE-2025-24993 |
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:35 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24992 |
Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally. Published: March 11, 2025; 1:16:35 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2025-24991 |
Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. Published: March 11, 2025; 1:16:35 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2025-24988 |
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. Published: March 11, 2025; 1:16:35 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0:(not available) |