Lucene search
K

22096 matches found

Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

GitHub: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability

CVE-2025-27614 is regarding a vulnerability in Gitk where a Git repository can be crafted in such a way that a user who has cloned the repository can be tricked into running any script supplied by the attacker by invoking gitk filename, where filename has a particular structure. GitHub created th...

8.6CVSS6.1AI score0.00314EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

Out-of-bounds read in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges locally...

8.8CVSS6.5AI score0.00328EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00805EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

6.5CVSS7.5AI score0.00852EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00921EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Windows Event Tracing Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00355EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability

Missing support for integrity check in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...

6.7CVSS6.6AI score0.00258EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Microsoft PC Manager Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Microsoft PC Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00326EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows Notification Elevation of Privilege Vulnerability

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.00273EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Microsoft SharePoint Remote Code Execution Vulnerability

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

8.8CVSS6.9AI score0.00834EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS7.4AI score0.00595EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Use after free in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over an adjacent network...

7.1CVSS7.1AI score0.00435EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•24 views

Remote Desktop Client Remote Code Execution Vulnerability

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

8.8CVSS7AI score0.00935EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•2 views

Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.00281EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00868EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Imaging Component Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally...

6.2CVSS6.1AI score0.00576EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows Storage VSP Driver Elevation of Privilege Vulnerability

Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00366EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•20 views

Microsoft Configuration Manager Remote Code Execution Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network...

8CVSS7AI score0.0204EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•9 views

GitHub: CVE-2025-48386 Git Credential Helper Vulnerability

CVE-2025-48386 is regarding a vulnerability in Git where the wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending...

6.3CVSS6.3AI score0.00324EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Miracast Wireless Display Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network...

8CVSS7.5AI score0.00451EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00805EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00902EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Graphics Component Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

7CVSS7AI score0.0071EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00574EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Print Spooler Denial of Service Vulnerability

Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network...

5.7CVSS6.6AI score0.00484EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

7CVSS7.4AI score0.00326EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00748EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

7.8CVSS6.7AI score0.00485EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows AppX Deployment Service Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00399EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over an adjacent network...

7.1CVSS6.6AI score0.00325EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Windows BitLocker Security Feature Bypass Vulnerability

Time-of-check time-of-use toctou race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

6.8CVSS5.8AI score0.00412EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.0038EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•2 views

Remote Desktop Licensing Service Security Feature Bypass Vulnerability

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network...

7.5CVSS7AI score0.01011EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

HID Class Driver Elevation of Privilege Vulnerability

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00352EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows Secure Kernel Mode Information Disclosure Vulnerability

Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally...

5.5CVSS6.4AI score0.00446EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

Missing support for integrity check in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...

6.7CVSS6.6AI score0.00258EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Secure Kernel Mode Information Disclosure Vulnerability

Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS6.4AI score0.00426EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Kerberos Denial of Service Vulnerability

Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network...

6.5CVSS6.5AI score0.01905EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows StateRepository API Server file Tampering Vulnerability

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally...

8.8CVSS6.6AI score0.00305EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

GitHub: CVE-2025-48384 Git Symlink Vulnerability

CVE-2025-48384 is regarding a vulnerability in Git where when reading a config value, Git strips any trailing carriage return and line feed CRLF. When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a...

8CVSS7.1AI score0.02775EPSS
Exploits9
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an unauthorized attacker to elevate privileges locally...

7.4CVSS6.7AI score0.00248EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Azure Service Fabric Runtime Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Service Fabric allows an authorized attacker to elevate privileges locally...

6CVSS6.6AI score0.00323EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

AMD: CVE-2024-36357 Transient Scheduler Attack in L1 Data Queue

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protecti...

5.6CVSS7.4AI score0.00298EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Graphics Component Remote Code Execution Vulnerability

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally...

7.8CVSS7.2AI score0.00273EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00586EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Microsoft SQL Server Information Disclosure Vulnerability

Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network...

7.5CVSS6.8AI score0.02774EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Microsoft SharePoint Remote Code Execution Vulnerability

Improper control of generation of code 'code injection' in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

8.8CVSS7AI score0.99907EPSS
Exploits7
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

7.8CVSS7.4AI score0.00558EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Microsoft Office Remote Code Execution Vulnerability

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS7AI score0.00512EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

7.8CVSS7.4AI score0.00513EPSS
Exploits0
Total number of security vulnerabilities22096