Export limit exceeded: 358249 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10486 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-47211 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-44687 | 1 Microsoft | 3 Raw Image Extension, Windows 10, Windows 11 | 2025-07-22 | 7.8 High |
| Raw Image Extension Remote Code Execution Vulnerability | ||||
| CVE-2022-44670 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2025-07-22 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2022-41076 | 1 Microsoft | 23 Powershell, Windows 10, Windows 10 1507 and 20 more | 2025-07-22 | 8.5 High |
| PowerShell Remote Code Execution Vulnerability | ||||
| CVE-2022-26806 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-26805 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-26804 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-44702 | 1 Microsoft | 3 Terminal, Windows 10, Windows 11 | 2025-07-22 | 7.8 High |
| Windows Terminal Remote Code Execution Vulnerability | ||||
| CVE-2022-44693 | 1 Microsoft | 7 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Foundation 2013 and 4 more | 2025-07-22 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2022-44692 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-44690 | 1 Microsoft | 6 Sharepoint Foundation, Sharepoint Foundation 2013, Sharepoint Server and 3 more | 2025-07-22 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2022-44676 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2025-07-22 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2022-44668 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2025-07-22 | 7.8 High |
| Windows Media Remote Code Execution Vulnerability | ||||
| CVE-2022-44667 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2025-07-22 | 7.8 High |
| Windows Media Remote Code Execution Vulnerability | ||||
| CVE-2022-41127 | 1 Microsoft | 11 Dynamics 365 Business Central, Dynamics 365 Business Central 2019, Dynamics 365 Business Central 2020 and 8 more | 2025-07-22 | 8.5 High |
| Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability | ||||
| CVE-2024-7760 | 1 Aimstack | 1 Aim | 2025-07-21 | 9.6 Critical |
| aimhubio/aim version 3.22.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the tracking server. The vulnerability is due to overly permissive CORS settings, allowing cross-origin requests from all origins. This enables CSRF attacks on all endpoints of the tracking server, which can be chained with other existing vulnerabilities such as remote code execution, denial of service, and arbitrary file read/write. | ||||
| CVE-2024-3403 | 1 Pribai | 1 Privategpt | 2025-07-17 | N/A |
| imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI to retrieve or disclose the contents of any file on the system. This vulnerability could lead to various impacts, including but not limited to remote code execution by obtaining private SSH keys, unauthorized access to private files, source code disclosure facilitating further attacks, and exposure of configuration files. | ||||
| CVE-2024-24724 | 1 Gibbonedu | 1 Gibbon | 2025-07-17 | 9.8 Critical |
| Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine (messengerSettings.php) without sanitization. | ||||
| CVE-2024-10901 | 1 Dbgpt | 1 Db-gpt | 2025-07-17 | 9.8 Critical |
| In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/chart/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE) by writing malicious files such as `__init__.py` in the Python's `/site-packages/` directory. | ||||
| CVE-2024-10835 | 1 Dbgpt | 1 Db-gpt | 2025-07-17 | 9.8 Critical |
| In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE). | ||||