Search Results (41009 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-38114 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-10 8.8 High
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-38063 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-10 9.8 Critical
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-38184 1 Microsoft 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more 2025-07-10 7.8 High
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-38172 1 Microsoft 2 365 Apps, Office Long Term Servicing Channel 2025-07-10 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-38161 1 Microsoft 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more 2025-07-10 6.8 Medium
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-38160 1 Microsoft 2 Windows 10 1607, Windows Server 2016 2025-07-10 9.1 Critical
Windows Network Virtualization Remote Code Execution Vulnerability
CVE-2024-38123 1 Microsoft 1 Windows 11 24h2 2025-07-10 4.4 Medium
Windows Bluetooth Driver Information Disclosure Vulnerability
CVE-2025-5897 1 Vuejs 1 Vue Cli 2025-07-10 4.3 Medium
A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin-pwa/lib/HtmlPwaPlugin.js of the component Markdown Code Handler. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely.
CVE-2025-5896 1 Taro 1 Taro 2025-07-10 4.3 Medium
A vulnerability was found in tarojs taro up to 4.1.1. It has been declared as problematic. This vulnerability affects unknown code of the file taro/packages/css-to-react-native/src/index.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to version 4.1.2 is able to address this issue. The name of the patch is c2e321a8b6fc873427c466c69f41ed0b5e8814bf. It is recommended to upgrade the affected component.
CVE-2025-5895 1 Metabase 1 Metabase 2025-07-10 4.3 Medium
A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects the function parseDataUri of the file frontend/src/metabase/lib/dom.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named 4454ebbdc7719016bf80ca0f34859ce5cee9f6b0. It is recommended to apply a patch to fix this issue.
CVE-2025-5892 1 Rocket.chat 1 Rocket.chat 2025-07-10 4.3 Medium
A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-5891 1 Keymetric 1 Pm2 2025-07-10 4.3 Medium
A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-26644 1 Microsoft 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more 2025-07-10 5.1 Medium
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.
CVE-2024-4192 1 Deltaww 1 Cncsoft-g2 2025-07-10 7.8 High
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2025-21221 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-10 8.8 High
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-21205 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-10 8.8 High
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-21203 1 Microsoft 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more 2025-07-10 6.5 Medium
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2018-7725 3 Canonical, Gdraheim, Redhat 6 Ubuntu Linux, Zziplib, Enterprise Linux and 3 more 2025-07-10 N/A
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.
CVE-2018-6540 2 Canonical, Gdraheim 2 Ubuntu Linux, Zziplib 2025-07-10 N/A
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
CVE-2020-18770 2 Gdraheim, Redhat 2 Zziplib, Enterprise Linux 2025-07-10 5.5 Medium
An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.