Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
34,799 matching · page 380/696Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2024-30091(opens NVD record) | High | 7.8 | Win32k Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30090(opens NVD record) | High | 7.0 | Microsoft Streaming Service Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30089(opens NVD record) | High | 7.8 | Microsoft Streaming Service Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30088(opens NVD record) | High | 7.0 | Windows Kernel Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30087(opens NVD record) | High | 7.8 | Win32k Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30086(opens NVD record) | High | 7.8 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30085(opens NVD record) | High | 7.8 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30084(opens NVD record) | High | 7.0 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30083(opens NVD record) | High | 7.5 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Jun 11, 2024 |
| CVE-2024-30082(opens NVD record) | High | 7.8 | Win32k Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30080(opens NVD record) | Critical | 9.8 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Jun 11, 2024 |
| CVE-2024-30078(opens NVD record) | High | 8.8 | Windows Wi-Fi Driver Remote Code Execution Vulnerability | Jun 11, 2024 |
| CVE-2024-30077(opens NVD record) | High | 8.0 | Windows OLE Remote Code Execution Vulnerability | Jun 11, 2024 |
| CVE-2024-30076(opens NVD record) | Medium | 6.8 | Windows Container Manager Service Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30075(opens NVD record) | High | 8.0 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | Jun 11, 2024 |
| CVE-2024-30074(opens NVD record) | High | 8.0 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | Jun 11, 2024 |
| CVE-2024-30072(opens NVD record) | High | 7.8 | Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | Jun 11, 2024 |
| CVE-2024-30070(opens NVD record) | High | 7.5 | DHCP Server Service Denial of Service Vulnerability | Jun 11, 2024 |
| CVE-2024-30069(opens NVD record) | Medium | 4.7 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Jun 11, 2024 |
| CVE-2024-30068(opens NVD record) | High | 8.8 | Windows Kernel Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30067(opens NVD record) | Medium | 5.5 | Winlogon Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30066(opens NVD record) | Medium | 5.5 | Winlogon Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30065(opens NVD record) | Medium | 5.5 | Windows Themes Denial of Service Vulnerability | Jun 11, 2024 |
| CVE-2024-30064(opens NVD record) | High | 8.8 | Windows Kernel Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-30063(opens NVD record) | Medium | 6.7 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | Jun 11, 2024 |
| CVE-2024-30062(opens NVD record) | High | 7.8 | Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability | Jun 11, 2024 |
| CVE-2024-30052(opens NVD record) | Medium | 4.7 | Visual Studio Remote Code Execution Vulnerability | Jun 11, 2024 |
| CVE-2024-29060(opens NVD record) | Medium | 6.7 | Visual Studio Elevation of Privilege Vulnerability | Jun 11, 2024 |
| CVE-2024-5813(opens NVD record) | Medium | 5.9 | A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response. | Jun 11, 2024 |
| CVE-2024-5812(opens NVD record) | Low | 3.3 | A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request. | Jun 11, 2024 |
| CVE-2024-31495(opens NVD record) | Medium | 4.3 | A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiPortal versions 7.0.0 through 7.0.6 and version 7.2.0 allows privileged user to obtain unauthorized information via the report download functionality. | Jun 11, 2024 |
| CVE-2024-26010(opens NVD record) | High | 7.5 | A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets. | Jun 11, 2024 |
| CVE-2024-23111(opens NVD record) | Medium | 6.8 | An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests. | Jun 11, 2024 |
| CVE-2024-23110(opens NVD record) | High | 7.8 | A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands | Jun 11, 2024 |
| CVE-2024-21754(opens NVD record) | Low | 1.8 | A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file. | Jun 11, 2024 |
| CVE-2023-46720(opens NVD record) | Medium | 6.7 | A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands. | Jun 11, 2024 |
| CVE-2023-23775(opens NVD record) | Medium | 6.5 | Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerabilities [CWE-89] in FortiSOAR 7.2.0 and before 7.0.3 may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted strings parameters. | Jun 11, 2024 |
| CVE-2024-5692(opens NVD record) | Medium | 6.5 | On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. | Jun 11, 2024 |
| CVE-2020-11843(opens NVD record) | Medium | 6.5 | This allows the information exposure to unauthorized users. This issue affects NetIQ Access Manager using version 4.5 or before | Jun 11, 2024 |
| CVE-2024-37130(opens NVD record) | High | 7.3 | Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the machine. Exploitation may lead to a complete system compromise. | Jun 11, 2024 |
| CVE-2022-37020(opens NVD record) | Medium | 6.8 | Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. | Jun 10, 2024 |
| CVE-2022-37019(opens NVD record) | Medium | 6.8 | Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. | Jun 10, 2024 |
| CVE-2024-37289(opens NVD record) | High | 7.8 | An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Jun 10, 2024 |
| CVE-2024-36473(opens NVD record) | Medium | 5.3 | Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges. | Jun 10, 2024 |
| CVE-2024-36359(opens NVD record) | Medium | 5.4 | A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Jun 10, 2024 |
| CVE-2024-36358(opens NVD record) | High | 7.8 | A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Jun 10, 2024 |
| CVE-2024-36307(opens NVD record) | Medium | 4.7 | A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Jun 10, 2024 |
| CVE-2024-36306(opens NVD record) | Medium | 6.1 | A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Jun 10, 2024 |
| CVE-2024-36305(opens NVD record) | High | 7.8 | A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Jun 10, 2024 |
| CVE-2024-36304(opens NVD record) | High | 7.8 | A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Jun 10, 2024 |