Total 301431 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-29815 1 Microsoft 1 Edge Chromium 2025-07-09 7.6 High
Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.
CVE-2025-47977 1 Microsoft 1 Nuance Digital Engagement Platform 2025-07-09 8.2 High
Improper neutralization of input during web page generation ('cross-site scripting') in Nuance Digital Engagement Platform allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-47969 1 Microsoft 4 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 1 more 2025-07-09 4.4 Medium
Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally.
CVE-2025-1912 1 Webtoffee 1 Product Import Export For Woocommerce 2025-07-09 7.6 High
The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the validate_file() Function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
CVE-2024-40492 1 Heartbeat 2 Heartbeat, Heartbeat Chat 2025-07-09 7.1 High
Cross Site Scripting vulnerability in Heartbeat Chat v.15.2.1 allows a remote attacker to execute arbitrary code via the setname function.
CVE-2025-47968 1 Microsoft 1 Autoupdate 2025-07-09 7.8 High
Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
CVE-2025-47962 1 Microsoft 1 Windows Software Development Kit 2025-07-09 7.8 High
Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally.
CVE-2025-47956 1 Microsoft 1 Windows Security App 2025-07-09 5.5 Medium
External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
CVE-2025-47955 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-09 7.8 High
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-47160 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-07-09 5.4 Medium
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-33075 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-09 7.8 High
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2025-26688 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-07-09 7.8 High
Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.
CVE-2025-26687 1 Microsoft 16 Office, Windows 10 1507, Windows 10 1607 and 13 more 2025-07-09 7.5 High
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-21204 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-09 7.8 High
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
CVE-2025-26665 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-09 7 High
Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.
CVE-2025-26666 1 Microsoft 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more 2025-07-09 7.8 High
Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.
CVE-2025-26667 1 Microsoft 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more 2025-07-09 6.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-26673 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-09 7.5 High
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
CVE-2025-26679 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-09 7.8 High
Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally.
CVE-2025-26680 1 Microsoft 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more 2025-07-09 7.5 High
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.