Export limit exceeded: 23827 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23827 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53730 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2026-02-13 | 7.8 High |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-33051 | 1 Microsoft | 4 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 1 more | 2026-02-13 | 7.5 High |
| Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53727 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2026-02-13 | 8.8 High |
| Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-49758 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2026-02-13 | 8.8 High |
| Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-49745 | 1 Microsoft | 1 Dynamics 365 | 2026-02-13 | 5.4 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-49751 | 1 Microsoft | 25 Hyper-v, Server, Windows and 22 more | 2026-02-13 | 6.8 Medium |
| Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. | ||||
| CVE-2024-43468 | 1 Microsoft | 4 Configuration Manager, Configuration Manager 2403, Configuration Manager 2409 and 1 more | 2026-02-13 | 9.8 Critical |
| Microsoft Configuration Manager Remote Code Execution Vulnerability | ||||
| CVE-2020-0919 | 1 Microsoft | 1 Windows App | 2026-02-12 | 7.8 High |
| An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability'. | ||||
| CVE-2026-23571 | 2 Microsoft, Teamviewer | 3 Windows, Dex, Digital Employee Experience | 2026-02-11 | 6.8 Medium |
| A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-RunPkgStatusRequest instruction. Improper input validation allows authenticated attackers with actioner privilege to run elevated arbitrary commands on connected hosts via malicious commands injected into the instruction’s input field. Users of 1E Client version 24.5 or higher are not affected. | ||||
| CVE-2026-23566 | 2 Microsoft, Teamviewer | 3 Windows, Dex, Digital Employee Experience | 2026-02-11 | 6.5 Medium |
| A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. This can impact log integrity and nonrepudiation. | ||||
| CVE-2025-63372 | 2 Articentgroup, Microsoft | 2 Zip Rar Extractor Tool, Windows | 2026-02-11 | 4.3 Medium |
| Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents. | ||||
| CVE-2026-23564 | 2 Microsoft, Teamviewer | 3 Windows, Dex, Digital Employee Experience | 2026-02-11 | 6.5 Medium |
| A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive information. | ||||
| CVE-2026-23563 | 2 Microsoft, Teamviewer | 3 Windows, Dex, Digital Employee Experience | 2026-02-11 | 5.7 Medium |
| Improper Link Resolution Before File Access (invoked by 1E‑Explorer‑TachyonCore‑DeleteFileByPath instruction) in TeamViewer DEX - 1E Client before version 26.1 on Windows allows a low‑privileged local attacker to delete protected system files via a crafted RPC control junction or symlink that is followed when the delete instruction executes. | ||||
| CVE-2023-36881 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Ambari Spoofing Vulnerability | ||||
| CVE-2023-35394 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.6 Medium |
| Azure HDInsight Jupyter Notebook Spoofing Vulnerability | ||||
| CVE-2023-35393 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Hive Spoofing Vulnerability | ||||
| CVE-2023-38188 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Hadoop Spoofing Vulnerability | ||||
| CVE-2023-23408 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Ambari Spoofing Vulnerability | ||||
| CVE-2023-36419 | 1 Microsoft | 1 Azure Hdinsight | 2026-02-11 | 8.8 High |
| Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability | ||||
| CVE-2023-36877 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Oozie Spoofing Vulnerability | ||||