Export limit exceeded: 345788 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345788 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-1642 | 1 Microsoft | 1 Office | 2026-04-21 | 7.8 High |
| Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2017-15944 | 1 Paloaltonetworks | 1 Pan-os | 2026-04-21 | 9.8 Critical |
| Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface. | ||||
| CVE-2015-2419 | 1 Microsoft | 8 Internet Explorer, Windows 7, Windows 8 and 5 more | 2026-04-21 | 8.8 High |
| JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "JScript9 Memory Corruption Vulnerability." | ||||
| CVE-2015-2425 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows 8.1 and 3 more | 2026-04-21 | 8.8 High |
| Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2383 and CVE-2015-2384. | ||||
| CVE-2015-2545 | 1 Microsoft | 1 Office | 2026-04-21 | 7.8 High |
| Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability." | ||||
| CVE-2017-8570 | 1 Microsoft | 1 Office | 2026-04-21 | 7.8 High |
| Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243. | ||||
| CVE-2016-0189 | 1 Microsoft | 11 Internet Explorer, Jscript, Vbscript and 8 more | 2026-04-21 | 7.5 High |
| The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0187. | ||||
| CVE-2016-7200 | 1 Microsoft | 5 Edge, Windows 10 1507, Windows 10 1511 and 2 more | 2026-04-21 | 8.8 High |
| The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | ||||
| CVE-2015-5317 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2026-04-21 | 7.5 High |
| The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request. | ||||
| CVE-2015-6175 | 1 Microsoft | 1 Windows 10 1507 | 2026-04-21 | 7.8 High |
| The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability." | ||||
| CVE-2016-0185 | 1 Microsoft | 3 Windows 7, Windows 8.1, Windows Vista | 2026-04-21 | 7.8 High |
| Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media Center Remote Code Execution Vulnerability." | ||||
| CVE-2016-3235 | 1 Microsoft | 2 Visio, Visio Viewer | 2026-04-21 | 7.8 High |
| Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability." | ||||
| CVE-2016-4523 | 1 Trihedral | 1 Vtscada | 2026-04-21 | 7.5 High |
| The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via unspecified vectors. | ||||
| CVE-2016-7262 | 1 Microsoft | 3 Excel, Excel Viewer, Office Compatibility Pack | 2026-04-21 | 7.8 High |
| Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability." | ||||
| CVE-2017-0101 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Vista | 2026-04-21 | 7.8 High |
| The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability." | ||||
| CVE-2017-11357 | 1 Telerik | 1 Ui For Asp.net Ajax | 2026-04-21 | 9.8 Critical |
| Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. | ||||
| CVE-2017-11774 | 1 Microsoft | 1 Outlook | 2026-04-21 | 7.8 High |
| Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability." | ||||
| CVE-2017-11882 | 1 Microsoft | 1 Office | 2026-04-21 | 7.8 High |
| Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884. | ||||
| CVE-2017-6663 | 1 Cisco | 2 Ios, Ios Xe | 2026-04-21 | 6.5 Medium |
| A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. | ||||
| CVE-2016-0034 | 1 Microsoft | 1 Silverlight | 2026-04-21 | 8.8 High |
| Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka "Silverlight Runtime Remote Code Execution Vulnerability." | ||||