Lucene search
K

21727 matches found

Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•6 views

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00288EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00417EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•10 views

Windows Kernel Security Feature Bypass Vulnerability

Cleartext storage of sensitive information in Windows Kernel allows an unauthorized attacker to bypass a security feature locally...

6.2CVSS6.6AI score0.0032EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•2 views

Windows Hyper-V Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.00242EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...

7CVSS6.9AI score0.00313EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•24 views

PowerShell Elevation of Privilege Vulnerability

Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally...

7.3CVSS6.8AI score0.00434EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•7 views

Azure Monitor Agent Elevation of Privilege Vulnerability

Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00574EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Azure Compute Gallery Elevation of Privilege Vulnerability

External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally...

8.2CVSS7AI score0.00401EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•2 views

Windows Local Session Manager (LSM) Denial of Service Vulnerability

Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...

6.5CVSS6.8AI score0.00963EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•6 views

Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00522EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•10 views

Azure Local Elevation of Privilege Vulnerability

Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally...

7.8CVSS7.4AI score0.00325EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•4 views

NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in NtQueryInformation Token function ntifs.h allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00202EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•6 views

Windows Error Reporting Service Elevation of Privilege Vulnerability

Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.02763EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00307EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00267EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•6 views

Windows BitLocker Security Feature Bypass Vulnerability

Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

6.1CVSS6.6AI score0.00521EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution Vulnerability

Use after free in Connected Devices Platform Service Cdpsvc allows an unauthorized attacker to execute code over a network...

7.5CVSS7.5AI score0.0077EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•4 views

Visual Studio Elevation of Privilege Vulnerability

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...

7.3CVSS6.9AI score0.00335EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•4 views

Virtual Secure Mode Spoofing Vulnerability

Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally...

6.3CVSS6.8AI score0.00229EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Microsoft Failover Cluster Information Disclosure Vulnerability

Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00557EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•3 views

Windows Local Session Manager (LSM) Denial of Service Vulnerability

Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...

6.5CVSS6.8AI score0.01369EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability

Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally...

6.2CVSS6.5AI score0.00538EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•6 views

Windows DWM Core Library Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

7.8CVSS7.4AI score0.00387EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

7.8CVSS7.4AI score0.01026EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•2 views

Microsoft Graphics Component Elevation of Privilege Vulnerability

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network...

9.9CVSS7AI score0.01122EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•6 views

Microsoft SharePoint Remote Code Execution Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

8.8CVSS7.3AI score0.02245EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Windows Kernel Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00387EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•3 views

Windows Remote Desktop Services Elevation of Privilege Vulnerability

Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally...

7CVSS7.2AI score0.00313EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•3 views

Data Sharing Service Spoofing Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally...

7.7CVSS7AI score0.00734EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability

Improper access control in Network Connection Status Indicator NCSI allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00405EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00236EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•2 views

Windows Authentication Elevation of Privilege Vulnerability

Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally...

7.8CVSS6.8AI score0.00369EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00313EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00313EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•8 views

Windows USB Video Class System Driver Information Disclosure Vulnerability

Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00599EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•4 views

Windows NTFS Elevation of Privilege Vulnerability

Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally...

7.4CVSS7.1AI score0.00238EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•7 views

Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability

...

7.4CVSS7AI score0.00342EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Microsoft Brokering File System Elevation of Privilege Vulnerability

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally...

7.4CVSS7AI score0.01783EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Confidential Azure Container Instances Elevation of Privilege Vulnerability

External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally...

8.2CVSS7AI score0.00401EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•8 views

Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS7.5AI score0.00575EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•4 views

Windows Authentication Elevation of Privilege Vulnerability

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00344EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•4 views

MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoder

Deserialization of untrusted data in Microsoft Windows Codecs Library allows an unauthorized attacker to execute code locally...

9.8CVSS7.3AI score0.01613EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•5 views

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS7.5AI score0.00409EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•2 views

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

8.4CVSS7.5AI score0.00376EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•1 views

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS7.5AI score0.0055EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•2 views

Microsoft Excel Remote Code Execution Vulnerability

Access of resource using incompatible type 'type confusion' in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS7.3AI score0.00479EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•8 views

Microsoft SharePoint Remote Code Execution Vulnerability

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

8.8CVSS7.3AI score0.01243EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•2 views

Windows Management Services Information Disclosure Vulnerability

Use of uninitialized resource in Windows Management Services allows an authorized attacker to disclose information locally...

5.5CVSS6.6AI score0.00468EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•6 views

Windows Kernel Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00554EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/14 2:0 p.m.•2 views

Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS7.6AI score0.00433EPSS
Exploits0
Total number of security vulnerabilities21727