Export limit exceeded: 347834 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10227 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10227 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-17124 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2025-08-28 | 7.8 High |
| Microsoft PowerPoint Remote Code Execution Vulnerability | ||||
| CVE-2020-17123 | 1 Microsoft | 9 365 Apps, Excel, Excel 2013 and 6 more | 2025-08-28 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2020-17122 | 1 Microsoft | 4 Excel, Office, Office Web Apps and 1 more | 2025-08-28 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2020-17121 | 1 Microsoft | 5 Sharepoint Foundation, Sharepoint Foundation 2013, Sharepoint Server and 2 more | 2025-08-28 | 8.8 High |
| Microsoft SharePoint Remote Code Execution Vulnerability | ||||
| CVE-2020-17118 | 1 Microsoft | 5 Sharepoint Foundation, Sharepoint Foundation 2013, Sharepoint Server and 2 more | 2025-08-28 | 8.1 High |
| Microsoft SharePoint Remote Code Execution Vulnerability | ||||
| CVE-2020-17117 | 1 Microsoft | 1 Exchange Server | 2025-08-28 | 6.6 Medium |
| Microsoft Exchange Remote Code Execution Vulnerability | ||||
| CVE-2020-17096 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2025-08-28 | 7.5 High |
| Windows NTFS Remote Code Execution Vulnerability | ||||
| CVE-2020-17095 | 1 Microsoft | 11 Windows 10, Windows 10 1607, Windows 10 1803 and 8 more | 2025-08-28 | 8.5 High |
| Windows Hyper-V Remote Code Execution Vulnerability | ||||
| CVE-2024-30020 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-27 | 8.1 High |
| Windows Cryptographic Services Remote Code Execution Vulnerability | ||||
| CVE-2017-17485 | 4 Debian, Fasterxml, Netapp and 1 more | 15 Debian Linux, Jackson-databind, E-series Santricity Os Controller and 12 more | 2025-08-27 | 9.8 Critical |
| FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. | ||||
| CVE-2024-5989 | 1 Rockwellautomation | 2 Thinmanager, Thinserver | 2025-08-27 | 9.8 Critical |
| Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™. | ||||
| CVE-2024-5988 | 1 Rockwellautomation | 2 Thinmanager, Thinserver | 2025-08-27 | 9.8 Critical |
| Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™. | ||||
| CVE-2024-39865 | 1 Siemens | 1 Sinema Remote Connect Server | 2025-08-27 | 8.8 High |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker with access to the backup encryption key to upload malicious files, that could potentially lead to remote code execution. | ||||
| CVE-2022-44696 | 1 Microsoft | 2 365 Apps, Office | 2025-08-27 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2022-44691 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-08-27 | 7.8 High |
| Microsoft Office OneNote Remote Code Execution Vulnerability | ||||
| CVE-2022-44666 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-08-27 | 7.8 High |
| Windows Contacts Remote Code Execution Vulnerability | ||||
| CVE-2022-38044 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-08-27 | 7.8 High |
| Windows CD-ROM File System Driver Remote Code Execution Vulnerability | ||||
| CVE-2024-55921 | 1 Typo3 | 1 Typo3 | 2025-08-26 | 7.5 High |
| TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions: The user opens a malicious link, such as one sent via email. The user visits a compromised or manipulated website while the following settings are misconfigured: 1. `security.backend.enforceReferrer` feature is disabled, 2. `BE/cookieSameSite` configuration is set to lax or none. The vulnerability in the affected downstream component “Extension Manager Module” allows attackers to retrieve and install 3rd party extensions from the TYPO3 Extension Repository - which can lead to remote code execution in the worst case. Users are advised to update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS which fix the problem described. | ||||
| CVE-2025-54424 | 2 1panel, Fit2cloud | 2 1panel, 1panel | 2025-08-26 | 8.1 High |
| 1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot. | ||||
| CVE-2023-2530 | 1 Puppet | 1 Puppet Enterprise | 2025-08-26 | 9.8 Critical |
| A privilege escalation allowing remote code execution was discovered in the orchestration service. | ||||