Lucene search
K

22096 matches found

Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Office Developer Platform Security Feature Bypass Vulnerability

Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally...

3.3CVSS6.7AI score0.0018EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability

Use after free in Windows KDC Proxy Service KPSSVC allows an unauthorized attacker to execute code over a network...

8.1CVSS7.4AI score0.01061EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Windows Notification Elevation of Privilege Vulnerability

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.00328EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows StateRepository API Server file Tampering Vulnerability

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally...

8.8CVSS6.6AI score0.00305EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•9 views

Microsoft SQL Server Information Disclosure Vulnerability

Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network...

7.5CVSS6.7AI score0.1017EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

GitHub: CVE-2025-48384 Git Symlink Vulnerability

CVE-2025-48384 is regarding a vulnerability in Git where when reading a config value, Git strips any trailing carriage return and line feed CRLF. When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a...

8CVSS7.1AI score0.02775EPSS
Exploits9
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

GitHub: CVE-2025-46334 Git Malicious Shell Vulnerability

CVE-2025-46334 is regarding a vulnerability in Git GUI Windows only where a malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. On Windows, path lookup can find such executables in the worktree. These programs are invoked when the user selects...

8.6CVSS6.2AI score0.00261EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

GitHub: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability

CVE-2025-27614 is regarding a vulnerability in Gitk where a Git repository can be crafted in such a way that a user who has cloned the repository can be tricked into running any script supplied by the attacker by invoking gitk filename, where filename has a particular structure. GitHub created th...

8.6CVSS6.1AI score0.00314EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Microsoft SQL Server Remote Code Execution Vulnerability

Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network...

8.5CVSS7.9AI score0.00917EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS7.4AI score0.00457EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Microsoft Office Elevation of Privilege Vulnerability

Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally...

8.6CVSS6.5AI score0.0281EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Microsoft Brokering File System Elevation of Privilege Vulnerability

Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00365EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Integer overflow or wraparound in Virtual Hard Disk VHDX allows an unauthorized attacker to elevate privileges locally...

7.8CVSS6.8AI score0.00654EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

Out-of-bounds read in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges locally...

8.8CVSS6.5AI score0.00328EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows TCP/IP Driver Elevation of Privilege Vulnerability

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00366EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Microsoft Brokering File System Elevation of Privilege Vulnerability

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...

7CVSS7AI score0.0095EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00805EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•3 views

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...

6.5CVSS6.2AI score0.0099EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00805EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

6.5CVSS7.5AI score0.00852EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally...

5.5CVSS6.2AI score0.00446EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•4 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.5AI score0.00902EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•5 views

Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.01677EPSS
Exploits3
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Universal Print Management Service Elevation of Privilege Vulnerability

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally...

8.8CVSS7.1AI score0.00365EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•6 views

Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges over a network...

8CVSS6.6AI score0.00518EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.0038EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•7 views

Azure Service Fabric Runtime Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Service Fabric allows an authorized attacker to elevate privileges locally...

6CVSS6.6AI score0.00323EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 2:0 p.m.•8 views

Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability

Protection mechanism failure in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00366EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 7:0 a.m.•10 views

AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protecti...

6.8AI score0.00686EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/08 7:0 a.m.•15 views

AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protecti...

5.6CVSS6.3AI score0.00425EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/02 2:0 p.m.•15 views

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.8CVSS6.8AI score0.0068EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/02 12:0 a.m.•9 views

Chromium: CVE-2025-6554 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-6554 exists in the wild...

8.1CVSS6.9AI score0.06564EPSS
Exploits5
Microsoft CVE
Microsoft CVE
•added 2025/07/01 2:0 p.m.•9 views

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

No cwe for this issue in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...

7.5CVSS6.7AI score0.03375EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/06/26 7:0 a.m.•9 views

Chromium: CVE-2025-6557 Insufficient data validation in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS6.9AI score0.00177EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/26 7:0 a.m.•4 views

Chromium: CVE-2025-6556 Insufficient policy enforcement in Loader

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS6.9AI score0.00157EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/26 7:0 a.m.•5 views

Chromium: CVE-2025-6555 Use after free in Animation

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS6.9AI score0.00158EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/26 7:0 a.m.•18 views

Microsoft Edge (Chromium-based) Spoofing Vulnerability

No cwe for this issue in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS7AI score0.00509EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/26 7:0 a.m.•6 views

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Improper input validation in Microsoft Edge Chromium-based allows an authorized attacker to bypass a security feature locally...

5.6CVSS7.2AI score0.00315EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/26 7:0 a.m.•7 views

Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

5.4CVSS7.3AI score0.00404EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•2 views

Vulnerability in the MySQL Server product of Oracle MySQL

...

4.9CVSS7.7AI score0.00716EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7.7AI score0.00716EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•3 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7.7AI score0.00716EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•2 views

Vulnerability in the MySQL Server product of Oracle MySQL

...

4CVSS7.7AI score0.00186EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•7 views

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7.7AI score0.00716EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•4 views

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7.7AI score0.00605EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•3 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).

...

2.7CVSS7.7AI score0.00626EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB)

...

6.5CVSS7.7AI score0.00628EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•2 views

Vulnerability in the MySQL Server product of Oracle MySQL

...

4.9CVSS7.7AI score0.00716EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•2 views

Vulnerability in the MySQL Server product of Oracle MySQL

...

4.9CVSS7.7AI score0.00774EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/23 7:0 a.m.•10 views

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7.7AI score0.00774EPSS
Exploits0
Total number of security vulnerabilities22096