CVE Database

37604+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-43574
7.8 HIGH

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the …

Jun 10, 2025
CVE-2025-43573
7.8 HIGH

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the …

Jun 10, 2025
CVE-2025-43550
7.8 HIGH

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the …

Jun 10, 2025
CVE-2025-30327
7.8 HIGH

InCopy versions 20.2, 19.5.3 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context …

Jun 10, 2025
CVE-2025-5943
8.8 HIGH

MicroDicom DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations …

Jun 10, 2025
CVE-2025-43588
7.8 HIGH

Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jun 10, 2025
CVE-2025-43581
7.8 HIGH

Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jun 10, 2025
CVE-2025-36575
7.5 HIGH

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access …

Jun 10, 2025
CVE-2025-36574
8.2 HIGH

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal vulnerability. An unauthenticated attacker with remote access could potentially exploit this …

Jun 10, 2025
CVE-2025-5969
8.8 HIGH

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN_00425fd8 of the file /biurl_grou …

Jun 10, 2025
CVE-2025-47977
8.2 HIGH

Improper neutralization of input during web page generation ('cross-site scripting') in Nuance Digital Engagement Platform allows an unauthorized attacker to perform spoofing over a network.

Jun 10, 2025
CVE-2025-47968
7.8 HIGH

Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.

Jun 10, 2025
CVE-2025-47962
7.8 HIGH

Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally.

Jun 10, 2025
CVE-2025-47957
8.4 HIGH

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47955
7.8 HIGH

Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

Jun 10, 2025
CVE-2025-47953
8.4 HIGH

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47176
7.8 HIGH

'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47175
7.8 HIGH

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47174
7.8 HIGH

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47173
7.8 HIGH

Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47172
8.8 HIGH

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a …

Jun 10, 2025
CVE-2025-47170
7.8 HIGH

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47169
7.8 HIGH

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47168
7.8 HIGH

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47167
8.4 HIGH

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47166
8.8 HIGH

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Jun 10, 2025
CVE-2025-47165
7.8 HIGH

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47164
8.4 HIGH

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47163
8.8 HIGH

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Jun 10, 2025
CVE-2025-47162
8.4 HIGH

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Jun 10, 2025
CVE-2025-47108
7.8 HIGH

Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jun 10, 2025
CVE-2025-43593
7.8 HIGH

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jun 10, 2025
CVE-2025-43590
7.8 HIGH

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jun 10, 2025
CVE-2025-43589
7.8 HIGH

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context …

Jun 10, 2025
CVE-2025-43558
7.8 HIGH

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Jun 10, 2025
CVE-2025-33112
8.4 HIGH

IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to …

Jun 10, 2025
CVE-2025-33075
7.8 HIGH

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

Jun 10, 2025
CVE-2025-33073
8.8 HIGH KEV

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

Jun 10, 2025
CVE-2025-33071
8.1 HIGH

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.

Jun 10, 2025
CVE-2025-33070
8.1 HIGH

Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

Jun 10, 2025
CVE-2025-33068
7.5 HIGH

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

Jun 10, 2025
CVE-2025-33067
8.4 HIGH

Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

Jun 10, 2025
CVE-2025-33066
8.8 HIGH

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Jun 10, 2025
CVE-2025-33064
8.8 HIGH

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Jun 10, 2025
CVE-2025-33056
7.5 HIGH

Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network.

Jun 10, 2025
CVE-2025-33053
8.8 HIGH KEV

External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.

Jun 10, 2025
CVE-2025-33050
7.5 HIGH

Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.

Jun 10, 2025
CVE-2025-32725
7.5 HIGH

Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.

Jun 10, 2025
CVE-2025-32724
7.5 HIGH

Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

Jun 10, 2025
CVE-2025-32721
7.3 HIGH

Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally.

Jun 10, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.