17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 10901-10950 of 17282 CVEs Page 219 of 346
CVE-2025-59247
Analyzed
8.8
Microsoft Multiple Products

Azure PlayFab Elevation of Privilege Vulnerability

2025-10-09
CVE-2025-59246
Analyzed
9.8
Microsoft Multiple Products

Azure Entra ID Elevation of Privilege Vulnerability

2025-10-09
CVE-2025-59245
Analyzed
9.8
Microsoft Multiple Products

Microsoft SharePoint Online Elevation of Privilege Vulnerability

2025-11-20
CVE-2025-59243
7.8
Microsoft Multiple Products

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59242
7.8
Microsoft Multiple Products

Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59241
7.8
Microsoft Multiple Products

Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to el...

2025-10-14
CVE-2025-59238
7.8
Microsoft Multiple Products

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59237
Analyzed
8.8
Microsoft Multiple Products

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network

2025-10-14
CVE-2025-59236
Analyzed
8.4
Microsoft Multiple Products

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59234
7.8
Microsoft Multiple Products

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59233
7.8
Microsoft Multiple Products

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59231
7.8
Microsoft Multiple Products

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59230
KEV Analyzed
7.8
Microsoft Multiple Products

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59228
8.8
Microsoft Multiple Products

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network

2025-10-14
CVE-2025-59227
7.8
Microsoft Multiple Products

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59226
Analyzed
7.8
Microsoft Multiple Products

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59225
Analyzed
7.8
Microsoft Multiple Products

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59224
Analyzed
7.8
Microsoft Multiple Products

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59223
Analyzed
7.8
Microsoft Multiple Products

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59222
Analyzed
7.8
Microsoft Multiple Products

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally

2025-10-14
CVE-2025-59220
Analyzed
7
Microsoft Multiple Products

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth Service allows an authorized attacker...

2025-09-18
CVE-2025-59218
Analyzed
9.6
Microsoft Multiple Products

Azure Entra ID Elevation of Privilege Vulnerability

2025-10-09
CVE-2025-59216
Analyzed
7
Microsoft Multiple Products

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attac...

2025-09-18
CVE-2025-59215
Analyzed
7
Microsoft Multiple Products

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally

2025-09-18
CVE-2025-59213
Analyzed
8.4
Microsoft Multiple Products

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacke...

2025-10-14
CVE-2025-59207
7.8
Microsoft Multiple Products

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59201
7.8
Unknown Multiple Products

Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59199
7.8
Unknown Multiple Products

Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59192
7.8
Unknown Multiple Products

Buffer over-read in Storport

2025-10-14
CVE-2025-59191
7.8
Unknown Multiple Products

Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59187
7.8
Microsoft Multiple Products

Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally

2025-10-14
CVE-2025-59171
7.5
Unknown Multiple Products

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code exec...

2025-11-06
CVE-2025-59159
Analyzed
9.6
Unknown Multiple Products

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines,...

2025-10-06
CVE-2025-59157
Analyzed
9.9
GitHub Multiple Products

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, the Git Reposit...

2026-01-06
CVE-2025-59152
Analyzed
7.5
Intel Multiple Products

Litestar is an Asynchronous Server Gateway Interface (ASGI) framework

2025-10-06
CVE-2025-59151
8.2
Unknown Multiple Products

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application

2025-10-27
CVE-2025-59150
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-10-01
CVE-2025-59148
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-10-01
CVE-2025-59147
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

2025-10-01
CVE-2025-59146
8.5
Intel Multiple Products

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system

2025-10-09
CVE-2025-59137
7.1
Portfolio Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in eLEOPARD Behance Portfolio Manager allows Stored XSS

2026-01-01
CVE-2025-59134
8.8
Unknown Multiple Products

Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privile...

2025-12-19
CVE-2025-59131
7.1
Hoernerfranz Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Hoernerfranz WP-CalDav2ICS allows Stored XSS

2026-01-01
CVE-2025-59129
7.6
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Appointify allows Blind SQL Injection

2025-12-31
CVE-2025-59118
7.3
Apache Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz

2025-11-14
CVE-2025-59106
8.8
Unknown Multiple Products

The binary serving the web server and executing basically all actions launched from the Web UI is running with root privileges

2026-01-28
CVE-2025-59088
8.6
Unknown Multiple Products

If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in...

2025-11-13
CVE-2025-59059
Analyzed
9.8
Apache Ranger versions

A remote code execution (RCE) vulnerability exists in the NashornScriptEngineCreator component of Apache Ranger versions 2.7.0 and earlier.

2026-03-04
CVE-2025-59057
Analyzed
7.6
React Multiple Products

React Router is a router for React

2026-01-10
CVE-2025-59053
Analyzed
9.6
Intel Multiple Products

AIRI is a self-hosted, artificial intelligence based Grok Companion. In v0.7.2-beta.2 in the `packages/stage-ui/src/components/MarkdownRenderer.vue` p...

2025-09-12