cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21338,https://securityvulnerability.io/vulnerability/CVE-2025-21338,GDI+ Remote Code Execution Vulnerability in Microsoft Products,"A remote code execution vulnerability exists in GDI+ that could allow an attacker to execute arbitrary code on a vulnerable system. This may occur when a user opens a specially crafted image file. Successful exploitation of the vulnerability could allow attackers to install programs; view, change, or delete data; or create new accounts with full user rights. To mitigate the risk, users are advised to ensure their software is up-to-date and to implement appropriate security measures.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation),Microsoft Office For Mac,Microsoft Office Ltsc For Mac 2021,Microsoft Office For iOS,Microsoft Office For Android,Microsoft Office For Universal,Microsoft Office Ltsc For Mac 2024",7.8,HIGH,0.0005300000193528831,false,,false,false,false,,false,false,false,,2025-01-14T18:04:40.697Z,0
CVE-2023-21823,https://securityvulnerability.io/vulnerability/CVE-2023-21823,Windows Graphics Component Remote Code Execution Vulnerability,"A vulnerability within the Windows Graphics Component allows remote code execution, potentially enabling an attacker to execute arbitrary code on a victim’s system. This could occur through specially crafted files or applications, thus leading users to unwittingly give malicious actors access to sensitive information or system capabilities. It is essential for users and administrators to apply security updates promptly to mitigate risks associated with this vulnerability.",Microsoft,"Microsoft Office For Android,Microsoft Office For Universal,Microsoft Office For iOS,Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 20h2,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",7.8,HIGH,0.5052499771118164,true,2023-02-14T00:00:00.000Z,false,false,true,2023-02-14T00:00:00.000Z,true,false,false,,2023-02-14T21:15:00.000Z,0
CVE-2019-1084,https://securityvulnerability.io/vulnerability/CVE-2019-1084,,"An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'.",Microsoft,"Microsoft Exchange Server,Microsoft Outlook,Microsoft Office,Microsoft Lync,Microsoft Lync Basic,Microsoft Outlook For Android,Skype For Business,Skype For Business Basic,Office 365 Proplus,Microsoft Exchange Server 2016,Microsoft Exchange Server 2019,Microsoft Exchange Server 2013,Mail And Calendar,Outlook For iOS",6.5,MEDIUM,0.0025100000202655792,false,,false,false,false,,,false,false,,2019-07-15T18:56:21.000Z,0