Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-21333 | 1 Microsoft | 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more | 2025-12-09 | 8.8 High |
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | ||||
| CVE-2024-21332 | 1 Microsoft | 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more | 2025-12-09 | 8.8 High |
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | ||||
| CVE-2024-38087 | 1 Microsoft | 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more | 2025-12-09 | 8.8 High |
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | ||||
| CVE-2024-38088 | 1 Microsoft | 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more | 2025-12-09 | 8.8 High |
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | ||||
| CVE-2024-30061 | 1 Microsoft | 1 Dynamics 365 | 2025-12-09 | 7.3 High |
| Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | ||||
| CVE-2025-67498 | 2025-12-09 | N/A | ||
| Further research determined the issue is not a vulnerability. | ||||
| CVE-2025-67497 | 2025-12-09 | N/A | ||
| Further research determined the issue is not a vulnerability. | ||||
| CVE-2025-13760 | 2025-12-09 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-12916 | 1 Sangfor | 1 Operation And Maintenance Security Management System | 2025-12-09 | 6.3 Medium |
| A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/portal_login of the component Frontend. This manipulation of the argument loginUrl causes command injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 3.0.11 and 3.0.12 is recommended to address this issue. It is advisable to upgrade the affected component. | ||||
| CVE-2022-24522 | 1 Microsoft | 1 Skype Extension | 2025-12-09 | 6.5 Medium |
| Skype Extension for Chrome Information Disclosure Vulnerability | ||||
| CVE-2022-24526 | 1 Microsoft | 1 Visual Studio Code | 2025-12-09 | 6.1 Medium |
| Visual Studio Code Spoofing Vulnerability | ||||
| CVE-2022-24498 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2025-12-09 | 6.5 Medium |
| Windows iSCSI Target Service Information Disclosure Vulnerability | ||||
| CVE-2022-24539 | 1 Microsoft | 4 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 1 more | 2025-12-09 | 8.1 High |
| Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | ||||
| CVE-2022-24548 | 1 Microsoft | 1 Malware Protection Engine | 2025-12-09 | 5.5 Medium |
| Microsoft Defender Denial of Service Vulnerability | ||||
| CVE-2022-26784 | 1 Microsoft | 6 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 3 more | 2025-12-09 | 6.5 Medium |
| Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | ||||
| CVE-2025-14218 | 2 Code-projects, Fabian | 2 Currency Exchange System, Currency Exchange System | 2025-12-09 | 7.3 High |
| A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-14217 | 2 Code-projects, Fabian | 2 Currency Exchange System, Currency Exchange System | 2025-12-09 | 7.3 High |
| A vulnerability was identified in code-projects Currency Exchange System 1.0. Impacted is an unknown function of the file /edittrns.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. | ||||
| CVE-2022-48470 | 1 Huawei | 1 Hilink Ai Life | 2025-12-09 | 4 Medium |
| Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.(Vulnerability ID:HWPSIRT-2022-42291) This vulnerability has been assigned a (CVE)ID:CVE-2022-48470 | ||||
| CVE-2025-14216 | 2 Code-projects, Fabian | 2 Currency Exchange System, Currency Exchange System | 2025-12-09 | 7.3 High |
| A vulnerability was determined in code-projects Currency Exchange System 1.0. This issue affects some unknown processing of the file /viewserial.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-14215 | 2 Code-projects, Fabian | 2 Currency Exchange System, Currency Exchange System | 2025-12-09 | 7.3 High |
| A vulnerability was found in code-projects Currency Exchange System 1.0. This vulnerability affects unknown code of the file /edit.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. | ||||