Search
Search Results (9525 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21344 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-02-26 | 7.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2025-24016 | 1 Wazuh | 1 Wazuh | 2026-02-26 | 9.9 Critical |
| Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix. | ||||
| CVE-2025-21345 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-02-26 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2025-21348 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-02-26 | 7.2 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2024-47908 | 1 Ivanti | 1 Cloud Services Appliance | 2026-02-26 | 9.1 Critical |
| OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
| CVE-2025-21354 | 1 Microsoft | 9 365 Apps, Office, Office 2019 and 6 more | 2026-02-26 | 8.4 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2025-22467 | 1 Ivanti | 1 Connect Secure | 2026-02-26 | 9.9 Critical |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution. | ||||
| CVE-2025-21356 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-02-26 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2024-10644 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2026-02-26 | 9.1 Critical |
| Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
| CVE-2025-21357 | 1 Microsoft | 8 365 Apps, Office, Office 2019 and 5 more | 2026-02-26 | 6.7 Medium |
| Microsoft Outlook Remote Code Execution Vulnerability | ||||
| CVE-2025-21362 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-26 | 8.4 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2025-21363 | 1 Microsoft | 5 365 Apps, Office 2024, Office Long Term Servicing Channel and 2 more | 2026-02-26 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2025-21365 | 1 Microsoft | 3 365 Apps, Office 2024, Office Long Term Servicing Channel | 2026-02-26 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2025-21366 | 1 Microsoft | 8 365 Apps, Access, Access 2016 and 5 more | 2026-02-26 | 7.8 High |
| Microsoft Access Remote Code Execution Vulnerability | ||||
| CVE-2025-21395 | 1 Microsoft | 8 365 Apps, Access, Access 2016 and 5 more | 2026-02-26 | 7.8 High |
| Microsoft Access Remote Code Execution Vulnerability | ||||
| CVE-2025-21187 | 1 Microsoft | 1 Power Automate For Desktop | 2026-02-26 | 7.8 High |
| Microsoft Power Automate Remote Code Execution Vulnerability | ||||
| CVE-2025-21186 | 1 Microsoft | 8 365 Apps, Access, Access 2016 and 5 more | 2026-02-26 | 7.8 High |
| Microsoft Access Remote Code Execution Vulnerability | ||||
| CVE-2025-21224 | 1 Microsoft | 14 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 11 more | 2026-02-26 | 8.1 High |
| Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21172 | 4 Apple, Linux, Microsoft and 1 more | 10 Macos, Linux Kernel, .net and 7 more | 2026-02-26 | 7.5 High |
| .NET and Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2025-21361 | 1 Microsoft | 4 Office, Office Macos 2021, Office Macos 2024 and 1 more | 2026-02-26 | 7.8 High |
| Microsoft Outlook Remote Code Execution Vulnerability | ||||