CVE Database

37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-24444
7.8 HIGH

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Mar 11, 2025
CVE-2025-24443
7.8 HIGH

Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …

Mar 11, 2025
CVE-2025-24442
7.8 HIGH

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Mar 11, 2025
CVE-2025-24441
7.8 HIGH

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Mar 11, 2025
CVE-2025-24440
7.8 HIGH

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Mar 11, 2025
CVE-2025-24439
7.8 HIGH

Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …

Mar 11, 2025
CVE-2025-0151
8.5 HIGH

Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.

Mar 11, 2025
CVE-2025-0150
7.1 HIGH

Incorrect behavior order in some Zoom Workplace Apps for iOS before version 6.3.0 may allow an authenticated user to conduct a denial of service via …

Mar 11, 2025
CVE-2025-27172
7.8 HIGH

Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …

Mar 11, 2025
CVE-2025-26645
8.8 HIGH

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Mar 11, 2025
CVE-2025-26634
7.5 HIGH

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.

Mar 11, 2025
CVE-2025-26633
7.0 HIGH KEV

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

Mar 11, 2025
CVE-2025-26631
7.3 HIGH

Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-26630
7.8 HIGH

Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-26629
7.8 HIGH

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-26627
7.0 HIGH

Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-25008
7.1 HIGH

Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-25003
7.3 HIGH

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24998
7.3 HIGH

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24995
7.8 HIGH

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24994
7.3 HIGH

Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24993
7.8 HIGH KEV

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24985
7.8 HIGH KEV

Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24983
7.0 HIGH KEV

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24084
8.4 HIGH

Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24083
7.8 HIGH

Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24082
7.8 HIGH

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24081
7.8 HIGH

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24080
7.8 HIGH

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24079
7.8 HIGH

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24078
7.0 HIGH

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24077
7.8 HIGH

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24076
7.3 HIGH

Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24075
7.8 HIGH

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24072
7.8 HIGH

Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24070
7.0 HIGH

Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.

Mar 11, 2025
CVE-2025-24067
7.8 HIGH

Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24066
7.8 HIGH

Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24064
8.1 HIGH

Use after free in DNS Server allows an unauthorized attacker to execute code over a network.

Mar 11, 2025
CVE-2025-24061
7.8 HIGH

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.

Mar 11, 2025
CVE-2025-24059
7.8 HIGH

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24057
7.8 HIGH

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Mar 11, 2025
CVE-2025-24056
8.8 HIGH

Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.

Mar 11, 2025
CVE-2025-24051
8.8 HIGH

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Mar 11, 2025
CVE-2025-24050
7.8 HIGH

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24049
8.4 HIGH

Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24048
7.8 HIGH

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24046
7.8 HIGH

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

Mar 11, 2025
CVE-2025-24045
8.1 HIGH

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

Mar 11, 2025
CVE-2025-24044
7.8 HIGH

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

Mar 11, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.