Lucene search
K

21767 matches found

Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.0038EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Remote Desktop Spoofing Vulnerability

Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS6.6AI score0.00828EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Azure Service Fabric Runtime Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Service Fabric allows an authorized attacker to elevate privileges locally...

6CVSS6.6AI score0.00323EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protecti...

5.6CVSS7.1AI score0.00425EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Graphics Component Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

7CVSS7AI score0.0071EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows SmartScreen Security Feature Bypass Vulnerability

Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS6.5AI score0.00748EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Microsoft SQL Server Information Disclosure Vulnerability

Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network...

7.5CVSS6.8AI score0.02774EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•2 views

Microsoft SharePoint Remote Code Execution Vulnerability

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

8.8CVSS6.9AI score0.00834EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

7.8CVSS7.4AI score0.00513EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Microsoft Virtual Hard Disk Remote Code Execution Vulnerability

Integer overflow or wraparound in Virtual Hard Disk VHDX allows an unauthorized attacker to execute code locally...

7.8CVSS7.3AI score0.01916EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•2 views

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Out-of-bounds read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...

6.5CVSS6.2AI score0.0099EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Shell Elevation of Privilege Vulnerability

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00366EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•2 views

Windows Event Tracing Elevation of Privilege Vulnerability

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.00352EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over an adjacent network...

7.1CVSS6.6AI score0.00325EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

HID Class Driver Elevation of Privilege Vulnerability

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00352EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•23 views

Remote Desktop Client Remote Code Execution Vulnerability

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

8.8CVSS7AI score0.00935EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows BitLocker Security Feature Bypass Vulnerability

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

6.8CVSS7.9AI score0.10561EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Windows BitLocker Security Feature Bypass Vulnerability

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

6.8CVSS5.8AI score0.00547EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•15 views

Windows Update Service Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Windows Update Service allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.0103EPSS
Exploits4
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows BitLocker Security Feature Bypass Vulnerability

Time-of-check time-of-use toctou race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

6.8CVSS5.7AI score0.00387EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows Storage VSP Driver Elevation of Privilege Vulnerability

Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00366EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Kerberos Denial of Service Vulnerability

Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network...

6.5CVSS6.5AI score0.01905EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

7CVSS6.7AI score0.00316EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•20 views

Microsoft Configuration Manager Remote Code Execution Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network...

8CVSS7AI score0.0204EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00748EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Microsoft SQL Server Remote Code Execution Vulnerability

Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network...

8.5CVSS7.9AI score0.00917EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Microsoft Excel Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...

5.5CVSS6.1AI score0.00508EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Microsoft PC Manager Elevation of Privilege Vulnerability

Improper access control in Microsoft PC Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00331EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Microsoft Brokering File System Elevation of Privilege Vulnerability

Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00365EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00805EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

6.5CVSS7.5AI score0.00852EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•2 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00921EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00902EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•2 views

Windows Event Tracing Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00355EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Buffer over-read in Virtual Hard Disk VHDX allows an unauthorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.0046EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows Kernel Information Disclosure Vulnerability

Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS6.4AI score0.0041EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•10 views

Microsoft Teams Elevation of Privilege Vulnerability

Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network...

3.1CVSS6.5AI score0.00371EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Windows Notification Elevation of Privilege Vulnerability

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.00328EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability

Use after free in Windows KDC Proxy Service KPSSVC allows an unauthorized attacker to execute code over a network...

8.1CVSS7.4AI score0.01061EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•9 views

GitHub: CVE-2025-48386 Git Credential Helper Vulnerability

CVE-2025-48386 is regarding a vulnerability in Git where the wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending...

6.3CVSS6.3AI score0.00324EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

GitHub: CVE-2025-48385 Git Protocol Injection Vulnerability

CVE-2025-48385 is regarding a vulnerability in Git where when cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised...

8.6CVSS7.2AI score0.00785EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

GitHub: CVE-2025-48384 Git Symlink Vulnerability

CVE-2025-48384 is regarding a vulnerability in Git where when reading a config value, Git strips any trailing carriage return and line feed CRLF. When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a...

8CVSS7.1AI score0.02775EPSS
Exploits9
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

GitHub: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability

CVE-2025-27614 is regarding a vulnerability in Gitk where a Git repository can be crafted in such a way that a user who has cloned the repository can be tricked into running any script supplied by the attacker by invoking gitk filename, where filename has a particular structure. GitHub created th...

8.6CVSS6.1AI score0.00314EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

Use after free in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges locally...

7.8CVSS7AI score0.00301EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

Out-of-bounds read in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges locally...

8.8CVSS6.5AI score0.00328EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows TCP/IP Driver Elevation of Privilege Vulnerability

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00366EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally...

5.5CVSS6.2AI score0.00446EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00352EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability

Protection mechanism failure in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00366EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Microsoft PC Manager Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Microsoft PC Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00326EPSS
Exploits0
Total number of security vulnerabilities21767