Export limit exceeded: 16992 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-22890 1 Hummingheads 1 Defense Platform 2026-02-04 8.8 High
Execution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained.
CVE-2025-20094 1 Hummingheads 1 Defense Platform 2026-02-04 N/A
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code may be executed with SYSTEM privilege.
CVE-2025-22894 1 Hummingheads 1 Defense Platform 2026-02-04 8.8 High
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a result, an arbitrary DLL may be executed with SYSTEM privilege.
CVE-2025-23236 1 Hummingheads 1 Defense Platform 2026-02-04 N/A
Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained.
CVE-2025-24483 1 Hummingheads 1 Defense Platform 2026-01-30 5.5 Medium
NULL pointer dereference vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where the product is running, the system may cause a Blue Screen of Death (BSOD), and as a result, cause a denial-of-service (DoS) condition.
CVE-2025-24845 1 Hummingheads 1 Defense Platform 2026-01-30 5.5 Medium
Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where the product is running, the system may cause a Blue Screen of Death (BSOD), and as a result, cause a denial-of-service (DoS) condition.