21727 matches found
Windows Kernel Elevation of Privilege Vulnerability
Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally...
Windows Error Reporting Service Elevation of Privilege Vulnerability
Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally...
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...
Windows Kernel Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally...
Windows BitLocker Security Feature Bypass Vulnerability
Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Time-of-check time-of-use toctou race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...
Windows Kernel Information Disclosure Vulnerability
Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally...
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally...
Windows BitLocker Security Feature Bypass Vulnerability
Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
Windows BitLocker Security Feature Bypass Vulnerability
Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
Windows Kernel Security Feature Bypass Vulnerability
Cleartext storage of sensitive information in Windows Kernel allows an unauthorized attacker to bypass a security feature locally...
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...
Windows BitLocker Security Feature Bypass Vulnerability
Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
Windows Hyper-V Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...
Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution Vulnerability
Use after free in Connected Devices Platform Service Cdpsvc allows an unauthorized attacker to execute code over a network...
.NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...
Windows Hello Security Feature Bypass Vulnerability
Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally...
Xbox IStorageService Elevation of Privilege Vulnerability
Use after free in Xbox allows an authorized attacker to elevate privileges locally...
Windows Digital Media Elevation of Privilege Vulnerability
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally...
Windows Digital Media Elevation of Privilege Vulnerability
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally...
Windows Kernel Elevation of Privilege Vulnerability
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally...
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...
PowerShell Elevation of Privilege Vulnerability
Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally...
Virtual Secure Mode Spoofing Vulnerability
Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally...
Remote Procedure Call Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network...
MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability
tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow." MITRE created this...
Azure Monitor Agent Elevation of Privilege Vulnerability
Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally...
Windows Taskbar Live Preview Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack...
Windows URL Parsing Remote Code Execution Vulnerability
Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network...
Confidential Azure Container Instances Elevation of Privilege Vulnerability
External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally...
Azure Compute Gallery Elevation of Privilege Vulnerability
External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally...
Windows Bluetooth Service Elevation of Privilege Vulnerability
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...
Playwright Spoofing Vulnerability
Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network...
Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Inbox COM Objects allows an unauthorized attacker to execute code locally...
Windows NTLM Spoofing Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally...
Xbox Gaming Services Elevation of Privilege Vulnerability
Improper link resolution before file access 'link following' in XBox Gaming Services allows an authorized attacker to elevate privileges locally...
Microsoft Failover Cluster Information Disclosure Vulnerability
Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally...
GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool
Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid which is used to render diagrams allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled serve...
Windows Authentication Elevation of Privilege Vulnerability
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...
Windows SMB Client Tampering Vulnerability
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network...
Windows Local Session Manager (LSM) Denial of Service Vulnerability
Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
Windows Local Session Manager (LSM) Denial of Service Vulnerability
Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability
Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally...
MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoder
Deserialization of untrusted data in Microsoft Windows Codecs Library allows an unauthorized attacker to execute code locally...
Windows DWM Core Library Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
JDBC Driver for SQL Server Spoofing Vulnerability
Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network...