Search
Search Results (342739 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-24502 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2025-07-08 | 4.3 Medium |
| Windows HTML Platforms Security Feature Bypass Vulnerability | ||||
| CVE-2022-24501 | 1 Microsoft | 1 Vp9 Video Extensions | 2025-07-08 | 7.8 High |
| VP9 Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2022-24453 | 1 Microsoft | 1 Hevc Video Extensions | 2025-07-08 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2022-24452 | 1 Microsoft | 1 Hevc Video Extensions | 2025-07-08 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2022-24451 | 1 Microsoft | 1 Vp9 Video Extensions | 2025-07-08 | 7.8 High |
| VP9 Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2022-22007 | 1 Microsoft | 1 Hevc Video Extensions | 2025-07-08 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2022-22006 | 1 Microsoft | 1 Hevc Video Extensions | 2025-07-08 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2022-23301 | 1 Microsoft | 1 Hevc Video Extensions | 2025-07-08 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2022-23300 | 1 Microsoft | 1 Raw Image Extension | 2025-07-08 | 7.8 High |
| Raw Image Extension Remote Code Execution Vulnerability | ||||
| CVE-2022-23299 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2025-07-08 | 7.8 High |
| Windows PDEV Elevation of Privilege Vulnerability | ||||
| CVE-2022-23298 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2025-07-08 | 7 High |
| Windows NT OS Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2022-23291 | 1 Microsoft | 12 Windows 10, Windows 10 1809, Windows 10 1909 and 9 more | 2025-07-08 | 7.8 High |
| Windows DWM Core Library Elevation of Privilege Vulnerability | ||||
| CVE-2022-23290 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2025-07-08 | 7.8 High |
| Windows Inking COM Elevation of Privilege Vulnerability | ||||
| CVE-2022-23266 | 1 Microsoft | 1 Defender For Iot | 2025-07-08 | 7.8 High |
| Microsoft Defender for IoT Elevation of Privilege Vulnerability | ||||
| CVE-2022-23265 | 1 Microsoft | 1 Defender For Iot | 2025-07-08 | 7.2 High |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2022-21990 | 1 Microsoft | 24 Remote Desktop, Windows 10, Windows 10 1507 and 21 more | 2025-07-08 | 8.8 High |
| Remote Desktop Client Remote Code Execution Vulnerability | ||||
| CVE-2022-21977 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2025-07-08 | 3.3 Low |
| Media Foundation Information Disclosure Vulnerability | ||||
| CVE-2023-50191 | 1 Trimble | 1 Sketchup Viewer | 2025-07-08 | N/A |
| Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21785. | ||||
| CVE-2024-11283 | 1 Chimpgroup | 1 Jobcareer | 2025-07-08 | 7.5 High |
| The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.1. This is due to wp_ajax_google_api_login_callback function not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to access arbitrary candidate accounts. | ||||
| CVE-2024-11284 | 1 Chimpgroup | 1 Jobcareer | 2025-07-08 | 9.8 Critical |
| The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.9. This is due to the plugin not properly validating a user's identity prior to updating their password through the account_settings_save_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. | ||||