Search
Search Results (1779 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28238 | 1 Monospace | 1 Directus | 2025-01-03 | 2.3 Low |
| Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places (e.g., web server logs, browser history). Attackers gaining access to these logs may hijack active user sessions, leading to unauthorized access to sensitive information or actions on behalf of the user. This issue has been addressed in version 10.10.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2022-21997 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2025-01-02 | 7.1 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2022-21838 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2025-01-02 | 5.5 Medium |
| Windows Cleanup Manager Elevation of Privilege Vulnerability | ||||
| CVE-2022-21895 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2025-01-02 | 7.8 High |
| Windows User Profile Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-35633 | 1 Microsoft | 6 Windows 10 1507, Windows Server 2008, Windows Server 2008 R2 and 3 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-35624 | 1 Microsoft | 1 Azure Connected Machine Agent | 2025-01-01 | 7.3 High |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | ||||
| CVE-2023-36005 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2025-01-01 | 7.5 High |
| Windows Telephony Server Elevation of Privilege Vulnerability | ||||
| CVE-2023-36391 | 1 Microsoft | 2 Windows 11 23h2, Windows 11 23h2 | 2025-01-01 | 7.8 High |
| Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-35379 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2008 R2 | 2025-01-01 | 7.8 High |
| Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability | ||||
| CVE-2023-36903 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2025-01-01 | 7.8 High |
| Windows System Assessment Tool Elevation of Privilege Vulnerability | ||||
| CVE-2023-36876 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2008 R2 | 2025-01-01 | 7.1 High |
| Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability | ||||
| CVE-2023-35310 | 1 Microsoft | 8 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 5 more | 2025-01-01 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-32056 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 8 more | 2025-01-01 | 7.8 High |
| Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | ||||
| CVE-2023-32053 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2025-01-01 | 7.8 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2023-33163 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and 4 more | 2025-01-01 | 7.5 High |
| Windows Network Load Balancing Remote Code Execution Vulnerability | ||||
| CVE-2023-35362 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-01 | 7.8 High |
| Windows Clip Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-35360 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-01-01 | 7 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-35353 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2025-01-01 | 7.8 High |
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | ||||
| CVE-2023-35346 | 1 Microsoft | 8 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 5 more | 2025-01-01 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-35345 | 1 Microsoft | 8 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 5 more | 2025-01-01 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||