37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …
Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …
Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …
Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …
Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …
Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context …
Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
Incorrect behavior order in some Zoom Workplace Apps for iOS before version 6.3.0 may allow an authenticated user to conduct a denial of service via …
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of …
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.
Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
Use after free in DNS Server allows an unauthorized attacker to execute code over a network.
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.
Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.
Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally.
Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
Free website and port scanning — find vulnerabilities before attackers do.