Lucene search
K

21761 matches found

Microsoft CVE
Microsoft CVE
•added 2025/09/11 6:17 p.m.•8 views

Chromium: CVE-2025-10201 Inappropriate implementation in Mojo

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.4AI score0.00258EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/11 6:17 p.m.•5 views

Chromium: CVE-2025-10200 Use after free in Serviceworker

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.4AI score0.00589EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/11 2:0 p.m.•123 views

Agentic AI and Visual Studio Code Remote Code Execution Vulnerability

Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network...

9.8CVSS8.1AI score0.00849EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/11 8:1 a.m.•4 views

CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion

...

7.1CVSS7AI score0.00407EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/11 8:1 a.m.•2 views

Libssh: memory exhaustion via repeated key exchange in libssh

...

3.1CVSS7AI score0.00375EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/11 8:1 a.m.•4 views

predictable WebSocket mask

...

6.5CVSS5.4AI score0.00466EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/11 8:1 a.m.•2 views

JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact

...

7.5CVSS7AI score0.00603EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 8:1 a.m.•9 views

NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

...

7.8CVSS7AI score0.00181EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•9 views

VulnCheck: CVE-2024-21907 Improper Handling of Exceptional Conditions in Newtonsoft.Json

CVE-2024-21907 addresses a mishandling of exceptional conditions vulnerability in Newtonsoft.Json before version 13.0.1. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the...

7.5CVSS7.7AI score0.32908EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•12 views

Microsoft SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command 'command injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS7.7AI score0.01249EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•4 views

Windows Hyper-V Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to execute code locally...

7.8CVSS7.6AI score0.00299EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

MapUrlToZone Security Feature Bypass Vulnerability

Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...

4.3CVSS6.8AI score0.00842EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•2 views

Windows Defender Firewall Service Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...

6.7CVSS6.9AI score0.00465EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•8 views

Windows BitLocker Elevation of Privilege Vulnerability

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally...

7.3CVSS7.1AI score0.00619EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•4 views

Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS7.7AI score0.00534EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

Microsoft Excel Information Disclosure Vulnerability

Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...

5.5CVSS6.6AI score0.00601EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•5 views

Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS7.7AI score0.0054EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

Windows MultiPoint Services Elevation of Privilege Vulnerability

Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally...

7.3CVSS6.9AI score0.00489EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•8 views

Windows Hyper-V Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00386EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•2 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

8.8CVSS7.8AI score0.00843EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•8 views

Windows Defender Firewall Service Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...

6.7CVSS6.9AI score0.0045EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•6 views

Windows Management Service Elevation of Privilege Vulnerability

Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally...

7.4CVSS7.1AI score0.00382EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

Windows Hyper-V Elevation of Privilege Vulnerability

Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.02586EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

Windows Hyper-V Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.00314EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•2 views

Windows Hyper-V Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

7.8CVSS7.2AI score0.00417EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•4 views

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Improper input validation in Windows Local Security Authority Subsystem Service LSASS allows an authorized attacker to deny service over a network...

6.5CVSS5.4AI score0.01367EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•14 views

Windows SMB Elevation of Privilege Vulnerability

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...

9.8CVSS7.2AI score0.18834EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

Windows BitLocker Elevation of Privilege Vulnerability

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally...

7.8CVSS7.1AI score0.00471EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally...

7CVSS6.7AI score0.00263EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•4 views

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...

7CVSS7AI score0.0035EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•4 views

Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00263EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•6 views

MapUrlToZone Security Feature Bypass Vulnerability

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...

4.3CVSS6.8AI score0.00855EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•4 views

Microsoft Brokering File System Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...

7CVSS7AI score0.00263EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•6 views

Windows Defender Firewall Service Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...

6.7CVSS6.9AI score0.0045EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•4 views

Windows Defender Firewall Service Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...

6.7CVSS6.9AI score0.00435EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•10 views

Windows TCP/IP Driver Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

7CVSS6.9AI score0.00349EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•2 views

Windows Defender Firewall Service Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...

6.7CVSS6.9AI score0.00435EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•4 views

Windows Defender Firewall Service Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...

6.7CVSS6.9AI score0.0045EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

Windows Graphics Component Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

7CVSS7AI score0.00263EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Buffer over-read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...

6.5CVSS6.7AI score0.01079EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•5 views

HTTP.sys Denial of Service Vulnerability

Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network...

7.5CVSS6.8AI score0.01345EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•3 views

Windows Kernel-Mode Driver Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00606EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•5 views

Windows Bluetooth Service Elevation of Privilege Vulnerability

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.0035EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•2 views

Windows Kernel Memory Information Disclosure Vulnerability

Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00606EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•5 views

Windows Graphics Component Elevation of Privilege Vulnerability

No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00457EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•6 views

Windows Imaging Component Information Disclosure Vulnerability

Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally...

5.5CVSS6.6AI score0.0073EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•2 views

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.0042EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•4 views

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Buffer over-read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...

6.5CVSS6.7AI score0.01079EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•2 views

Microsoft SQL Server Information Disclosure Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in SQL Server allows an authorized attacker to disclose information over a network...

6.5CVSS7.3AI score0.00765EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/09 7:0 a.m.•7 views

Azure Connected Machine Agent Elevation of Privilege Vulnerability

Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00319EPSS
Exploits0
Total number of security vulnerabilities21761