Export limit exceeded: 13795 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10011 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10011 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53475 | 1 Advantech | 1 Iview | 2025-07-23 | 8.8 High |
| A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage(). This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account. | ||||
| CVE-2025-54073 | 1 Sammcj | 1 Mcp-package-docs | 2025-07-23 | 7.5 High |
| mcp-package-docs is an MCP (Model Context Protocol) server that provides LLMs with efficient access to package documentation across multiple programming languages and language server protocol (LSP) capabilities. A command injection vulnerability exists in the `mcp-package-docs` MCP Server prior to the fix in commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9. The vulnerability is caused by the unsanitized use of input parameters within a call to `child_process.exec`, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (`|`, `>`, `&&`, etc.). Commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9 in version 0.1.27 contains a fix for the issue, but upgrading to 0.1.28 is recommended. | ||||
| CVE-2025-54071 | 1 Rommapp | 1 Romm | 2025-07-23 | N/A |
| RomM (ROM Manager) allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. In versions 4.0.0-beta.3 and below, an authenticated arbitrary file write vulnerability exists in the /api/saves endpoint. This can lead to Remote Code Execution on the system. The vulnerability permits arbitrary file write operations, allowing attackers to create or modify files at any filesystem location with user-supplied content. A user with viewer role or Scope.ASSETS_WRITE permission or above is required to pass authentication checks. The vulnerability is fixed in version 4.0.0-beta.4. | ||||
| CVE-2024-32925 | 1 Google | 1 Android | 2025-07-22 | 8.8 High |
| In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-47213 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-47212 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-47211 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-44687 | 1 Microsoft | 3 Raw Image Extension, Windows 10, Windows 11 | 2025-07-22 | 7.8 High |
| Raw Image Extension Remote Code Execution Vulnerability | ||||
| CVE-2022-44670 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2025-07-22 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2022-41076 | 1 Microsoft | 23 Powershell, Windows 10, Windows 10 1507 and 20 more | 2025-07-22 | 8.5 High |
| PowerShell Remote Code Execution Vulnerability | ||||
| CVE-2022-41089 | 1 Microsoft | 16 .net, .net Core, .net Framework and 13 more | 2025-07-22 | 7.8 High |
| .NET Framework Remote Code Execution Vulnerability | ||||
| CVE-2022-26806 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-26805 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-26804 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-44702 | 1 Microsoft | 3 Terminal, Windows 10, Windows 11 | 2025-07-22 | 7.8 High |
| Windows Terminal Remote Code Execution Vulnerability | ||||
| CVE-2022-44695 | 1 Microsoft | 7 365 Apps, Office, Office 2019 and 4 more | 2025-07-22 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2022-44694 | 1 Microsoft | 4 365 Apps, Office, Office 2019 and 1 more | 2025-07-22 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2022-44693 | 1 Microsoft | 7 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Foundation 2013 and 4 more | 2025-07-22 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2022-44692 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-44690 | 1 Microsoft | 6 Sharepoint Foundation, Sharepoint Foundation 2013, Sharepoint Server and 3 more | 2025-07-22 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||