Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-50164 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-08-14 | N/A | 8.0 HIGH |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-8957 | 1 Campcodes | 1 Online Flight Booking Management System | 2025-08-14 | N/A | 9.8 CRITICAL |
| A vulnerability was determined in Campcodes Online Flight Booking Management System 1.0. Affected is an unknown function of the file /flights.php. The manipulation of the argument departure_airport_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-50167 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-14 | N/A | 7.0 HIGH |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-8955 | 1 Code-projects | 1 Hospital Management System | 2025-08-14 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in PHPGurukul Hospital Management System 4.0. This vulnerability affects unknown code of the file /admin/edit-doctor.php. The manipulation of the argument docfees leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-53792 | 1 Microsoft | 1 Azure Portal | 2025-08-14 | N/A | 9.1 CRITICAL |
| Azure Portal Elevation of Privilege Vulnerability | |||||
| CVE-2025-8960 | 1 Campcodes | 1 Online Flight Booking Management System | 2025-08-14 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in Campcodes Online Flight Booking Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/save_airlines.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-53787 | 1 Microsoft | 1 365 Copilot Chat | 2025-08-14 | N/A | 7.5 HIGH |
| Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | |||||
| CVE-2025-53774 | 1 Microsoft | 1 365 Copilot Chat | 2025-08-14 | N/A | 7.5 HIGH |
| Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | |||||
| CVE-2025-53767 | 1 Microsoft | 1 Azure Openai | 2025-08-14 | N/A | 10.0 CRITICAL |
| Azure OpenAI Elevation of Privilege Vulnerability | |||||
| CVE-2025-53771 | 1 Microsoft | 1 Sharepoint Server | 2025-08-14 | N/A | N/A |
| Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2025-53762 | 1 Microsoft | 1 Purview | 2025-08-14 | N/A | 9.9 CRITICAL |
| Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-49747 | 1 Microsoft | 1 Azure Machine Learning | 2025-08-14 | N/A | 8.8 HIGH |
| Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-49746 | 1 Microsoft | 1 Azure Machine Learning | 2025-08-14 | N/A | 8.8 HIGH |
| Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-47995 | 1 Microsoft | 1 Azure Machine Learning | 2025-08-14 | N/A | 8.8 HIGH |
| Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-36014 | 1 Ibm | 1 Integration Bus For Z\/os | 2025-08-14 | N/A | 6.7 MEDIUM |
| IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory. | |||||
| CVE-2025-47158 | 1 Microsoft | 1 Azure Devops | 2025-08-14 | N/A | 9.0 CRITICAL |
| Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network. | |||||
| CVE-2024-41746 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2025-08-14 | N/A | 6.1 MEDIUM |
| IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2025-50153 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-08-14 | N/A | 7.8 HIGH |
| Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-50154 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-14 | N/A | 7.5 HIGH |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2025-50156 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-08-14 | N/A | 5.7 MEDIUM |
| Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network. | |||||