21767 matches found
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Universal Print Management Service Elevation of Privilege Vulnerability
Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally...
Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally...
Microsoft Excel Information Disclosure Vulnerability
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
Windows Miracast Wireless Display Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network...
Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges over a network...
Remote Desktop Spoofing Vulnerability
Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network...
Microsoft Office Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
Microsoft Office Remote Code Execution Vulnerability
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally...
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...
Windows Event Tracing Elevation of Privilege Vulnerability
Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally...
Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability
Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally...
Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Use after free in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over an adjacent network...
Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...
Remote Desktop Client Remote Code Execution Vulnerability
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network...
Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Missing support for integrity check in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...
Windows Secure Kernel Mode Information Disclosure Vulnerability
Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally...
Windows Search Service Elevation of Privilege Vulnerability
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...
Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
Microsoft Virtual Hard Disk Remote Code Execution Vulnerability
Integer overflow or wraparound in Virtual Hard Disk VHDX allows an unauthorized attacker to execute code locally...
Windows Shell Elevation of Privilege Vulnerability
Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network...
Workspace Broker Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Workspace Broker allows an authorized attacker to elevate privileges locally...
Windows Cryptographic Services Information Disclosure Vulnerability
Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network...
Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over an adjacent network...
Windows AppX Deployment Service Elevation of Privilege Vulnerability
Improper link resolution before file access 'link following' in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally...
Remote Desktop Licensing Service Security Feature Bypass Vulnerability
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network...
Microsoft Brokering File System Elevation of Privilege Vulnerability
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...
Windows Storage Port Driver Information Disclosure Vulnerability
Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally...
Windows Performance Recorder (WPR) Denial of Service Vulnerability
Improper link resolution before file access 'link following' in Windows Performance Recorder allows an authorized attacker to deny service locally...
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Out-of-bounds read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...
Windows Media Elevation of Privilege Vulnerability
Use after free in Windows Media allows an authorized attacker to elevate privileges locally...
NTFS Elevation of Privilege Vulnerability
Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally...
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Windows User-Mode Driver Framework Host Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally...
Windows BitLocker Security Feature Bypass Vulnerability
Time-of-check time-of-use toctou race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
HID Class Driver Elevation of Privilege Vulnerability
Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally...
Windows Secure Kernel Mode Information Disclosure Vulnerability
Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally...
Windows Kernel Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally...
Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally...
Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability
Missing support for integrity check in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...
Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally...
Windows SMB Server Spoofing Vulnerability
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network...
Windows BitLocker Security Feature Bypass Vulnerability
Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue
The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protecti...