Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (23035 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-29072 2 7-zip, Microsoft 2 7-zip, Windows 2025-06-09 7.8 High
7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process. NOTE: multiple third parties have reported that no privilege escalation can occur
CVE-2024-20697 1 Microsoft 3 Windows 11 22h2, Windows 11 23h2, Windows Server 2022 23h2 2025-06-05 7.3 High
Windows libarchive Remote Code Execution Vulnerability
CVE-2022-34699 1 Microsoft 5 Windows 10, Windows 11, Windows Server 2016 and 2 more 2025-06-05 7.8 High
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-34696 1 Microsoft 7 Windows 10, Windows 11, Windows 8.1 and 4 more 2025-06-05 7.8 High
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2022-34692 1 Microsoft 1 Exchange Server 2025-06-05 5.3 Medium
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-34691 1 Microsoft 10 Windows 10, Windows 11, Windows 7 and 7 more 2025-06-05 8.8 High
Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2022-33646 1 Microsoft 1 Azure Batch 2025-06-05 7 High
Azure Batch Node Agent Elevation of Privilege Vulnerability
CVE-2022-33640 1 Microsoft 2 Open Management Infrastructure, System Center Operations Manager 2025-06-05 7.8 High
System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
CVE-2022-33631 1 Microsoft 4 365 Apps, Excel, Office and 1 more 2025-06-05 7.3 High
Microsoft Excel Security Feature Bypass Vulnerability
CVE-2025-3936 2 Microsoft, Tridium 3 Windows, Niagara, Niagara Enterprise Security 2025-06-04 6.5 Medium
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
CVE-2025-3937 4 Blackberry, Linux, Microsoft and 1 more 5 Qnx, Linux Kernel, Windows and 2 more 2025-06-04 7.7 High
Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
CVE-2025-3938 4 Blackberry, Linux, Microsoft and 1 more 5 Qnx, Linux Kernel, Windows and 2 more 2025-06-04 6.8 Medium
Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
CVE-2025-3939 4 Blackberry, Linux, Microsoft and 1 more 5 Qnx, Linux Kernel, Windows and 2 more 2025-06-04 5.3 Medium
Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11.Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
CVE-2025-3940 4 Blackberry, Linux, Microsoft and 1 more 5 Qnx, Linux Kernel, Windows and 2 more 2025-06-04 5.3 Medium
Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
CVE-2025-3941 2 Microsoft, Tridium 3 Windows, Niagara, Niagara Enterprise Security 2025-06-04 5.4 Medium
Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11.Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
CVE-2025-3942 4 Blackberry, Linux, Microsoft and 1 more 5 Qnx, Linux Kernel, Windows and 2 more 2025-06-04 4.3 Medium
Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
CVE-2025-3943 4 Blackberry, Linux, Microsoft and 1 more 5 Qnx, Linux Kernel, Windows and 2 more 2025-06-04 4.1 Medium
Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Parameter Injection. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
CVE-2025-3944 4 Blackberry, Linux, Microsoft and 1 more 5 Qnx, Linux Kernel, Windows and 2 more 2025-06-04 7.2 High
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows File Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
CVE-2025-21416 1 Microsoft 1 Azure Virtual Desktop 2025-06-04 8.5 High
Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network.
CVE-2025-30392 1 Microsoft 1 Azure Ai Bot Service 2025-06-04 9.8 Critical
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.