Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9385 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-38051 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2025-12-09 7.8 High
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2024-38025 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2025-12-09 7.2 High
Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVE-2024-38024 1 Microsoft 1 Sharepoint Server 2025-12-09 7.2 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38023 1 Microsoft 1 Sharepoint Server 2025-12-09 7.2 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-37331 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37332 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37318 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21428 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21415 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21414 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21398 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21373 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21335 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21333 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21332 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-38087 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-38088 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-35264 2 Microsoft, Redhat 4 .net, Visual Studio, Visual Studio 2022 and 1 more 2025-12-09 8.1 High
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2025-13543 1 Wordpress 1 Wordpress 2025-12-09 8.8 High
The PostGallery plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'PostGalleryUploader' class functions in all versions up to, and including, 1.12.5. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2025-66631 1 Marimer 1 Csla 2025-12-09 N/A
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer (NDCS) and is vulnerable to remote code execution during deserialization. This vulnerability is fixed in version 6.0.0. To workaround this issue, remove the WcfProxy in data portal configurations.