Search

Expected end of text, found '.' (at char 13), (line:1, col:14)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (332282 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-13444 1 Progress 6 Connection Manager For Objectscale*, Ecs Connection Manager, Loadmaster and 3 more 2026-02-10 8.4 High
OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters
CVE-2026-24918 1 Huawei 2 Emui, Harmonyos 2026-02-10 6.8 Medium
Address read vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-55683 1 Microsoft 8 Windows, Windows Server, Windows Server 2016 and 5 more 2026-02-10 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2025-59184 1 Microsoft 7 Windows Server, Windows Server 2016, Windows Server 2019 and 4 more 2026-02-10 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally.
CVE-2025-59500 1 Microsoft 2 Azure, Azure Notification Service 2026-02-10 7.7 High
Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
CVE-2025-59503 1 Microsoft 2 Azure, Azure Compute Resource Provider 2026-02-10 10 Critical
Server-side request forgery (ssrf) in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-59273 1 Microsoft 3 Azure, Azure Event Grid, Azure Event Grid System 2026-02-10 7.3 High
Improper access control in Azure Event Grid allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-59286 1 Microsoft 4 365, 365 Copilot, 365 Copilot Business Chat and 1 more 2026-02-10 9.3 Critical
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2025-55321 1 Microsoft 1 Azure Monitor 2026-02-10 9.3 Critical
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-59272 1 Microsoft 4 365, 365 Copilot, 365 Copilot Business Chat and 1 more 2026-02-10 9.3 Critical
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to perform information disclosure locally.
CVE-2025-59271 1 Microsoft 3 Azure Cache For Redis, Azure Cache For Redis Enterprise, Azure Managed Redis 2026-02-10 8.7 High
Redis Enterprise Elevation of Privilege Vulnerability
CVE-2025-59252 1 Microsoft 3 365, 365 Copilot, 365 Word Copilot 2026-02-10 9.3 Critical
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2025-59247 1 Microsoft 2 Azure, Azure Playfab 2026-02-10 8.8 High
Azure PlayFab Elevation of Privilege Vulnerability
CVE-2025-59246 1 Microsoft 2 Entra Id, Microsoft Entra Id 2026-02-10 9.8 Critical
Azure Entra ID Elevation of Privilege Vulnerability
CVE-2025-59218 1 Microsoft 2 Entra Id, Microsoft Entra Id 2026-02-10 9.6 Critical
Azure Entra ID Elevation of Privilege Vulnerability
CVE-2025-59289 1 Microsoft 19 Windows, Windows 10, Windows 10 21h2 and 16 more 2026-02-10 7 High
Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVE-2025-59287 1 Microsoft 12 Server, Server Service, Windows Server and 9 more 2026-02-10 9.8 Critical
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
CVE-2025-59278 1 Microsoft 28 Windows, Windows 10, Windows 10 1507 and 25 more 2026-02-10 7.8 High
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
CVE-2025-59275 1 Microsoft 28 Windows, Windows 10, Windows 10 1507 and 25 more 2026-02-10 7.8 High
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
CVE-2025-59260 1 Microsoft 8 Server, Windows Server, Windows Server 2016 and 5 more 2026-02-10 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally.