Export limit exceeded: 10175 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10175 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10175 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-7234 | 2 Cadsofttools, Irfanview | 3 Cadimage, Cadimage, Irfanview | 2025-07-24 | N/A |
| IrfanView CADImage Plugin CGM File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26074. | ||||
| CVE-2024-53842 | 1 Google | 1 Android | 2025-07-24 | 9.8 Critical |
| In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-3388 | 1 Hitachienergy | 2 Microscada Pro Sys600, Microscada X Sys600 | 2025-07-23 | 8.8 High |
| An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role. | ||||
| CVE-2024-6396 | 1 Aimstack | 1 Aim | 2025-07-23 | N/A |
| A vulnerability in the `_backup_run` function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the `run_hash` and `repo.path` parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution. | ||||
| CVE-2025-52577 | 1 Advantech | 1 Iview | 2025-07-23 | 8.8 High |
| A vulnerability exists in Advantech iView that could allow SQL injection and remote code execution through NetworkServlet.archiveTrapRange(). This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account. | ||||
| CVE-2025-53475 | 1 Advantech | 1 Iview | 2025-07-23 | 8.8 High |
| A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage(). This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account. | ||||
| CVE-2024-32925 | 1 Google | 1 Android | 2025-07-22 | 8.8 High |
| In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-47213 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-47212 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-47211 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-44687 | 1 Microsoft | 3 Raw Image Extension, Windows 10, Windows 11 | 2025-07-22 | 7.8 High |
| Raw Image Extension Remote Code Execution Vulnerability | ||||
| CVE-2022-44670 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2025-07-22 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2022-41076 | 1 Microsoft | 23 Powershell, Windows 10, Windows 10 1507 and 20 more | 2025-07-22 | 8.5 High |
| PowerShell Remote Code Execution Vulnerability | ||||
| CVE-2022-41089 | 1 Microsoft | 16 .net, .net Core, .net Framework and 13 more | 2025-07-22 | 7.8 High |
| .NET Framework Remote Code Execution Vulnerability | ||||
| CVE-2022-26806 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-26805 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-26804 | 1 Microsoft | 1 365 Apps | 2025-07-22 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-44702 | 1 Microsoft | 3 Terminal, Windows 10, Windows 11 | 2025-07-22 | 7.8 High |
| Windows Terminal Remote Code Execution Vulnerability | ||||
| CVE-2022-44695 | 1 Microsoft | 7 365 Apps, Office, Office 2019 and 4 more | 2025-07-22 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2022-44694 | 1 Microsoft | 4 365 Apps, Office, Office 2019 and 1 more | 2025-07-22 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||