21727 matches found
Windows Broadcast DVR User Service Elevation of Privilege Vulnerability
Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally...
Microsoft Excel Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...
Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Microsoft SQL Server Elevation of Privilege Vulnerability
Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
Windows License Manager Information Disclosure Vulnerability
Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally...
Microsoft Excel Remote Code Execution Vulnerability
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Excel Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Excel Remote Code Execution Vulnerability
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability
Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally...
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally...
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally...
Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally...
Windows Subsystem for Linux GUI Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network...
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Microsoft OneDrive for Android Elevation of Privilege Vulnerability
Improper limitation of a pathname to a restricted directory 'path traversal' in OneDrive for Android allows an authorized attacker to elevate privileges over a network...
Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
Dynamics 365 Field Service (online) Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Field Service online allows an authorized attacker to perform spoofing over a network...
Microsoft Excel Information Disclosure Vulnerability
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability
Improper access control in Customer Experience Improvement Program CEIP allows an authorized attacker to elevate privileges locally...
Windows WLAN Service Elevation of Privilege Vulnerability
External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally...
Windows Speech Recognition Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech allows an authorized attacker to elevate privileges locally...
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows DirectX allows an authorized attacker to elevate privileges locally...
Azure Monitor Agent Remote Code Execution Vulnerability
Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally...
Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
Improper limitation of a pathname to a restricted directory 'path traversal' in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally...
Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network...
Microsoft SharePoint Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
Microsoft Excel Information Disclosure Vulnerability
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
Windows Administrator Protection Elevation of Privilege Vulnerability
Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally...
Windows Broadcast DVR User Service Elevation of Privilege Vulnerability
Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally...
Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally...
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 on-premises allows an unauthorized attacker to disclose information over a network...
Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege Vulnerability
Use after free in Multimedia Class Scheduler Service MMCSS allows an authorized attacker to elevate privileges locally...
Windows Remote Desktop Services Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...
mruby array.c ary_fill_exec out-of-bounds write
...
Libxml2: namespace use-after-free in xmlsettreedoc() function of libxml2
...
crypto: rng - Ensure set_ent is always present
...
Chromium: CVE-2025-12729 Inappropriate implementation in Omnibox
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-12728 Inappropriate implementation in Omnibox
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
runc: LSM labels can be bypassed with malicious config using dummy procfs files
...
container escape due to /dev/console mount and related races
...
runc container escape via "masked path" abuse due to mount race conditions
...
KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes
...
KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
...
KubeVirt Arbitrary Container File Read
...
KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing
...
KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer
...
KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes
...