Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (23402 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-5419 2 Google, Microsoft 2 Chrome, Edge Chromium 2026-02-26 8.8 High
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-48806 1 Microsoft 25 Mpeg-2 Video Extension, Windows 10 1507, Windows 10 1607 and 22 more 2026-02-26 7.8 High
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
CVE-2025-48811 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2026-02-26 6.7 Medium
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVE-2025-48817 1 Microsoft 28 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 25 more 2026-02-26 8.8 High
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-49660 1 Microsoft 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more 2026-02-26 7.8 High
Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
CVE-2025-49667 1 Microsoft 26 Windows, Windows 10, Windows 10 1507 and 23 more 2026-02-26 7.8 High
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2025-49668 1 Microsoft 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more 2026-02-26 8.8 High
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49669 1 Microsoft 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more 2026-02-26 8.8 High
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49673 1 Microsoft 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more 2026-02-26 8.8 High
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49675 1 Microsoft 27 Windows, Windows 10, Windows 10 1507 and 24 more 2026-02-26 7.8 High
Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-49678 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-26 7 High
Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.
CVE-2025-49682 1 Microsoft 14 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 11 more 2026-02-26 7.3 High
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
CVE-2025-49685 1 Microsoft 13 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 10 more 2026-02-26 7 High
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
CVE-2025-49697 1 Microsoft 10 365 Apps, Office, Office 2016 and 7 more 2026-02-26 8.4 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49699 1 Microsoft 14 365 Apps, Office, Office 2019 and 11 more 2026-02-26 7 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49700 1 Microsoft 8 365 Apps, Office, Office 2019 and 5 more 2026-02-26 7.8 High
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49703 1 Microsoft 13 365 Apps, Office, Office 2019 and 10 more 2026-02-26 7.8 High
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49706 1 Microsoft 4 Sharepoint Enterprise Server, Sharepoint Server, Sharepoint Server 2016 and 1 more 2026-02-26 6.5 Medium
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-49714 1 Microsoft 2 Python, Visual Studio Code 2026-02-26 7.8 High
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.
CVE-2025-47827 2 Igel, Microsoft 16 Igel Os, Windows 10 1507, Windows 10 1607 and 13 more 2026-02-26 4.6 Medium
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.