Search

Expected end of text, found '.' (at char 24), (line:1, col:25)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (352624 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-60724 1 Microsoft 32 365 Copilot, Graphics Component, Office and 29 more 2026-05-22 9.8 Critical
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
CVE-2025-59234 1 Microsoft 11 365, 365 Apps, 365 Copilot and 8 more 2026-05-22 7.8 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53799 1 Microsoft 26 365 Copilot, Office, Windows 10 1507 and 23 more 2026-05-22 5.5 Medium
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
CVE-2025-53732 1 Microsoft 2 365 Copilot, Office 2026-05-22 7.8 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49702 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 7.8 High
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49697 1 Microsoft 11 365 Apps, 365 Copilot, Office and 8 more 2026-05-22 8.4 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49695 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47167 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47162 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-30388 1 Microsoft 29 365 Copilot, Office, Office Long Term Servicing Channel and 26 more 2026-05-22 7.8 High
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2025-26687 1 Microsoft 26 365 Copilot, Office, Windows 10 1507 and 23 more 2026-05-22 7.5 High
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVE-2024-38250 1 Microsoft 26 365 Copilot, Office, Office Long Term Servicing Channel and 23 more 2026-05-22 7.8 High
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-36565 1 Microsoft 3 365 Copilot, Office, Office Long Term Servicing Channel 2026-05-22 7 High
Microsoft Office Graphics Elevation of Privilege Vulnerability
CVE-2023-23391 1 Microsoft 2 365 Copilot, Office 2026-05-22 5.5 Medium
Office for Android Spoofing Vulnerability
CVE-2025-47953 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47164 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49696 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-23246 1 Linux 1 Linux Kernel 2026-05-22 8.8 High
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration link_id is taken from the ML Reconfiguration element (control & 0x000f), so it can be 0..15. link_removal_timeout[] has IEEE80211_MLD_MAX_NUM_LINKS (15) elements, so index 15 is out-of-bounds. Skip subelements with link_id >= IEEE80211_MLD_MAX_NUM_LINKS to avoid a stack out-of-bounds write.
CVE-2026-5434 1 Honeywell 3 Control Network Module, Control Network Module (cnm), Control Network Module Firmware 2026-05-22 5.9 Medium
Honeywell Control Network Module (CNM) contains insertion of sensitive information into an unintended directory. An attacker could exploit this vulnerability through probing system files, potentially resulting in unintended access to protected data.
CVE-2026-5433 1 Honeywell 3 Control Network Module, Control Network Module (cnm), Control Network Module Firmware 2026-05-22 9.1 Critical
Honeywell Control Network Module (CNM) contains command injection vulnerability in the web interface. An attacker could exploit this vulnerability via command delimiters, potentially resulting in Remote Code Execution (RCE).