Export limit exceeded: 328167 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2807 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28899 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2026-02-10 | 8.8 High |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-21417 | 1 Microsoft | 15 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 12 more | 2026-02-10 | 8.8 High |
| Windows Text Services Framework Elevation of Privilege Vulnerability | ||||
| CVE-2022-41128 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-01-14 | 8.8 High |
| Windows Scripting Languages Remote Code Execution Vulnerability | ||||
| CVE-2022-37969 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2026-01-13 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2022-41033 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-01-13 | 7.8 High |
| Windows COM+ Event System Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-36584 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2026-01-12 | 5.4 Medium |
| Windows Mark of the Web Security Feature Bypass Vulnerability | ||||
| CVE-2024-43461 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2025-12-30 | 8.8 High |
| Windows MSHTML Platform Spoofing Vulnerability | ||||
| CVE-2024-30088 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2025-12-17 | 7 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2024-30080 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2025-12-17 | 9.8 Critical |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | ||||
| CVE-2022-29106 | 1 Microsoft | 5 Windows 10, Windows Server 2016, Windows Server 2019 and 2 more | 2025-12-16 | 7 High |
| Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability | ||||
| CVE-2023-38039 | 4 Fedoraproject, Haxx, Microsoft and 1 more | 11 Fedora, Curl, Windows 10 1809 and 8 more | 2025-12-02 | 7.5 High |
| When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. | ||||
| CVE-2023-44487 | 32 Akka, Amazon, Apache and 29 more | 367 Http Server, Opensearch Data Prepper, Apisix and 364 more | 2025-11-07 | 7.5 High |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | ||||
| CVE-2023-1018 | 3 Microsoft, Redhat, Trustedcomputinggroup | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-11-04 | 5.5 Medium |
| An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. | ||||
| CVE-2023-1017 | 3 Microsoft, Redhat, Trustedcomputinggroup | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-11-04 | 7.8 High |
| An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. | ||||
| CVE-2023-50387 | 8 Fedoraproject, Isc, Microsoft and 5 more | 18 Fedora, Bind, Windows Server 2008 and 15 more | 2025-11-04 | 7.5 High |
| Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. | ||||
| CVE-2022-41091 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2025-10-30 | 5.4 Medium |
| Windows Mark of the Web Security Feature Bypass Vulnerability | ||||
| CVE-2022-41125 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2025-10-30 | 7.8 High |
| Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | ||||
| CVE-2022-41049 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2025-10-30 | 5.4 Medium |
| Windows Mark of the Web Security Feature Bypass Vulnerability | ||||
| CVE-2022-41073 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2025-10-30 | 7.8 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2022-24521 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2025-10-30 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||