Total
33595 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-3735 | 1 Google | 1 Chrome | 2025-07-09 | 4.3 Medium |
| Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2023-36908 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2025-07-09 | 6.5 Medium |
| Windows Hyper-V Information Disclosure Vulnerability | ||||
| CVE-2023-35380 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-07-09 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2020-26082 | 1 Cisco | 8 Asyncos, Email Security Appliance C170, Email Security Appliance C190 and 5 more | 2025-07-09 | 5.8 Medium |
| A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device. The vulnerability is due to improper handling of password-protected zip files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted zip-compressed file to an affected device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email. | ||||
| CVE-2025-46717 | 1 Trifectatech | 1 Sudo | 2025-07-09 | 3.3 Low |
| sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no (or very limited) sudo privileges can determine whether files exists in folders that they otherwise cannot access using `sudo --list <pathname>`. Users with local access to a machine can discover the existence/non-existence of certain files, revealing potentially sensitive information in the file names. This information can also be used in conjunction with other attacks. Version 0.2.6 fixes the vulnerability. | ||||
| CVE-2025-46718 | 1 Trifectatech | 1 Sudo | 2025-07-09 | 3.3 Low |
| sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of other users using the `-U` flag. This vulnerability allows users with limited sudo privileges to enumerate the sudoers file, revealing sensitive information about other users' permissions. Attackers can collect information that can be used to more targeted attacks. Systems where users either do not have sudo privileges or have the ability to run all commands as root through sudo (the default configuration on most systems) are not affected by this advisory. Version 0.2.6 fixes the vulnerability. | ||||
| CVE-2025-29448 | 1 Easyappointments | 1 Easy\!appointments | 2025-07-09 | 7.5 High |
| Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability. | ||||
| CVE-2020-1171 | 1 Microsoft | 1 Python | 2025-07-08 | 8.8 High |
| A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192. | ||||
| CVE-2020-1192 | 1 Microsoft | 1 Python | 2025-07-08 | 7.8 High |
| A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171. | ||||
| CVE-2021-28967 | 1 Gimly | 1 Matlab | 2025-07-08 | 9.8 Critical |
| The unofficial MATLAB extension before 2.0.1 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace because of lint configuration settings. | ||||
| CVE-2025-20202 | 1 Cisco | 1 Ios Xe | 2025-07-08 | 7.4 High |
| A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of access point (AP) Cisco Discovery Protocol (CDP) neighbor reports when they are processed by the wireless controller. An attacker could exploit this vulnerability by sending a crafted CDP packet to an AP. A successful exploit could allow the attacker to cause an unexpected reload of the wireless controller that is managing the AP, resulting in a DoS condition that affects the wireless network. | ||||
| CVE-2024-43614 | 1 Microsoft | 1 Defender For Endpoint | 2025-07-08 | 5.5 Medium |
| Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2024-49000 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2025-07-08 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49060 | 1 Microsoft | 1 Azure Stack Hci | 2025-07-08 | 8.8 High |
| Azure Stack HCI Elevation of Privilege Vulnerability | ||||
| CVE-2024-49054 | 1 Microsoft | 1 Edge Chromium | 2025-07-08 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2024-49051 | 1 Microsoft | 1 Pc Manager | 2025-07-08 | 7.8 High |
| Microsoft PC Manager Elevation of Privilege Vulnerability | ||||
| CVE-2024-49048 | 1 Microsoft | 1 Torchgeo | 2025-07-08 | 8.1 High |
| TorchGeo Remote Code Execution Vulnerability | ||||
| CVE-2024-49033 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-07-08 | 7.5 High |
| Microsoft Word Security Feature Bypass Vulnerability | ||||
| CVE-2024-49032 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-07-08 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2024-49031 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-07-08 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||