Total
286780 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24988 | 2025-03-23 | 6.6 Medium | ||
| Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. | ||||
| CVE-2025-24987 | 2025-03-23 | 6.6 Medium | ||
| Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. | ||||
| CVE-2025-24986 | 2025-03-23 | 6.5 Medium | ||
| Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-24083 | 2025-03-23 | 7.8 High | ||
| Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24082 | 2025-03-23 | 7.8 High | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24081 | 2025-03-23 | 7.8 High | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24080 | 2025-03-23 | 7.8 High | ||
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24079 | 2025-03-23 | 7.8 High | ||
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24078 | 2025-03-23 | 7 High | ||
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24077 | 2025-03-23 | 7.8 High | ||
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24070 | 1 Redhat | 2 Enterprise Linux, Rhel Eus | 2025-03-23 | 7 High |
| Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-24057 | 2025-03-23 | 7.8 High | ||
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24043 | 2025-03-23 | 7.5 High | ||
| Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-24044 | 2025-03-23 | 7.8 High | ||
| Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24035 | 2025-03-23 | 8.1 High | ||
| Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-26408 | 2025-03-22 | 6.1 Medium | ||
| The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device's firmware. All known versions are affected. | ||||
| CVE-2025-24158 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2025-03-22 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service. | ||||
| CVE-2024-57719 | 2025-03-22 | 6.5 Medium | ||
| lunasvg v3.0.0 was discovered to contain a segmentation violation via the component blend_transformed_tiled_argb.isra.0. | ||||
| CVE-2024-57656 | 2025-03-22 | 7.5 High | ||
| An issue in the sqlc_add_distinct_node component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57601 | 2025-03-22 | 6.1 Medium | ||
| Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter. | ||||