Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
34,503 matching · page 314/691Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-21236(opens NVD record) | High | 8.8 | Windows Telephony Service Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2025-21235(opens NVD record) | High | 7.8 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Jan 14, 2025 |
| CVE-2025-21234(opens NVD record) | High | 7.8 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Jan 14, 2025 |
| CVE-2025-21233(opens NVD record) | High | 8.8 | Windows Telephony Service Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2025-21232(opens NVD record) | Medium | 6.6 | Windows Digital Media Elevation of Privilege Vulnerability | Jan 14, 2025 |
| CVE-2025-21231(opens NVD record) | High | 7.5 | IP Helper Denial of Service Vulnerability | Jan 14, 2025 |
| CVE-2025-21230(opens NVD record) | High | 7.5 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Jan 14, 2025 |
| CVE-2025-21229(opens NVD record) | Medium | 6.6 | Windows Digital Media Elevation of Privilege Vulnerability | Jan 14, 2025 |
| CVE-2025-21228(opens NVD record) | Medium | 6.6 | Windows Digital Media Elevation of Privilege Vulnerability | Jan 14, 2025 |
| CVE-2025-21227(opens NVD record) | Medium | 6.6 | Windows Digital Media Elevation of Privilege Vulnerability | Jan 14, 2025 |
| CVE-2025-21226(opens NVD record) | Medium | 6.6 | Windows Digital Media Elevation of Privilege Vulnerability | Jan 14, 2025 |
| CVE-2025-21225(opens NVD record) | Medium | 5.9 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Jan 14, 2025 |
| CVE-2025-21224(opens NVD record) | High | 8.1 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2025-21223(opens NVD record) | High | 8.8 | Windows Telephony Service Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2025-21220(opens NVD record) | High | 7.5 | Microsoft Message Queuing Information Disclosure Vulnerability | Jan 14, 2025 |
| CVE-2025-21219(opens NVD record) | Medium | 4.3 | MapUrlToZone Security Feature Bypass Vulnerability | Jan 14, 2025 |
| CVE-2025-21218(opens NVD record) | High | 7.5 | Windows Kerberos Denial of Service Vulnerability | Jan 14, 2025 |
| CVE-2025-21217(opens NVD record) | Medium | 6.5 | Windows NTLM Spoofing Vulnerability | Jan 14, 2025 |
| CVE-2025-21215(opens NVD record) | Medium | 4.6 | Secure Boot Security Feature Bypass Vulnerability | Jan 14, 2025 |
| CVE-2025-21214(opens NVD record) | Medium | 4.2 | Windows BitLocker Information Disclosure Vulnerability | Jan 14, 2025 |
| CVE-2025-21213(opens NVD record) | Medium | 4.6 | Secure Boot Security Feature Bypass Vulnerability | Jan 14, 2025 |
| CVE-2025-21211(opens NVD record) | Medium | 6.8 | Secure Boot Security Feature Bypass Vulnerability | Jan 14, 2025 |
| CVE-2025-21210(opens NVD record) | Medium | 4.2 | Windows BitLocker Information Disclosure Vulnerability | Jan 14, 2025 |
| CVE-2025-21207(opens NVD record) | High | 7.5 | Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | Jan 14, 2025 |
| CVE-2025-21202(opens NVD record) | Medium | 6.1 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | Jan 14, 2025 |
| CVE-2025-21193(opens NVD record) | Medium | 6.5 | Active Directory Federation Server Spoofing Vulnerability | Jan 14, 2025 |
| CVE-2025-21189(opens NVD record) | Medium | 4.3 | MapUrlToZone Security Feature Bypass Vulnerability | Jan 14, 2025 |
| CVE-2025-21187(opens NVD record) | High | 7.8 | Microsoft Power Automate Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2025-21186(opens NVD record) | High | 7.8 | Microsoft Access Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2025-21178(opens NVD record) | High | 8.8 | Visual Studio Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2025-21176(opens NVD record) | High | 8.8 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2025-21173(opens NVD record) | High | 7.3 | .NET Elevation of Privilege Vulnerability | Jan 14, 2025 |
| CVE-2025-21172(opens NVD record) | High | 7.5 | .NET and Visual Studio Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2025-21171(opens NVD record) | High | 7.5 | .NET Remote Code Execution Vulnerability | Jan 14, 2025 |
| CVE-2024-13172(opens NVD record) | High | 7.8 | Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required. | Jan 14, 2025 |
| CVE-2024-13171(opens NVD record) | High | 7.8 | Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required. | Jan 14, 2025 |
| CVE-2024-13170(opens NVD record) | High | 7.5 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service. | Jan 14, 2025 |
| CVE-2024-13169(opens NVD record) | High | 7.8 | An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges. | Jan 14, 2025 |
| CVE-2024-13168(opens NVD record) | High | 7.5 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service. | Jan 14, 2025 |
| CVE-2024-13167(opens NVD record) | High | 7.5 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service. | Jan 14, 2025 |
| CVE-2024-13166(opens NVD record) | High | 7.5 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service. | Jan 14, 2025 |
| CVE-2024-13165(opens NVD record) | High | 7.5 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service. | Jan 14, 2025 |
| CVE-2024-13164(opens NVD record) | High | 7.8 | An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges. | Jan 14, 2025 |
| CVE-2024-13163(opens NVD record) | High | 7.8 | Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required. | Jan 14, 2025 |
| CVE-2024-13162(opens NVD record) | High | 7.2 | SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This CVE addresses incomplete fixes from CVE-2024-32848. | Jan 14, 2025 |
| CVE-2024-13161(opens NVD record) | Critical | 9.8 | Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | Jan 14, 2025 |
| CVE-2024-13160(opens NVD record) | Critical | 9.8 | Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | Jan 14, 2025 |
| CVE-2024-13159(opens NVD record) | Critical | 9.8 | Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | Jan 14, 2025 |
| CVE-2024-13158(opens NVD record) | High | 7.2 | An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Jan 14, 2025 |
| CVE-2024-12088(opens NVD record) | Medium | 6.5 | A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | Jan 14, 2025 |