21761 matches found
Chromium: CVE-2025-10201 Inappropriate implementation in Mojo
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-10200 Use after free in Serviceworker
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network...
CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion
...
Libssh: memory exhaustion via repeated key exchange in libssh
...
predictable WebSocket mask
...
JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact
...
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
...
VulnCheck: CVE-2024-21907 Improper Handling of Exceptional Conditions in Newtonsoft.Json
CVE-2024-21907 addresses a mishandling of exceptional conditions vulnerability in Newtonsoft.Json before version 13.0.1. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the...
Microsoft SQL Server Elevation of Privilege Vulnerability
Improper neutralization of special elements used in a command 'command injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
Windows Hyper-V Remote Code Execution Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to execute code locally...
MapUrlToZone Security Feature Bypass Vulnerability
Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...
Windows Defender Firewall Service Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...
Windows BitLocker Elevation of Privilege Vulnerability
Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally...
Microsoft Office Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
Microsoft Excel Information Disclosure Vulnerability
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
Microsoft Excel Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Windows MultiPoint Services Elevation of Privilege Vulnerability
Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally...
Windows Hyper-V Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Windows Defender Firewall Service Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...
Windows Management Service Elevation of Privilege Vulnerability
Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally...
Windows Hyper-V Elevation of Privilege Vulnerability
Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally...
Windows Hyper-V Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...
Windows Hyper-V Elevation of Privilege Vulnerability
Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally...
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Improper input validation in Windows Local Security Authority Subsystem Service LSASS allows an authorized attacker to deny service over a network...
Windows SMB Elevation of Privilege Vulnerability
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...
Windows BitLocker Elevation of Privilege Vulnerability
Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally...
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally...
Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...
Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...
MapUrlToZone Security Feature Bypass Vulnerability
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...
Microsoft Brokering File System Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...
Windows Defender Firewall Service Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...
Windows Defender Firewall Service Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...
Windows TCP/IP Driver Elevation of Privilege Vulnerability
Time-of-check time-of-use toctou race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally...
Windows Defender Firewall Service Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...
Windows Defender Firewall Service Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally...
Windows Graphics Component Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Buffer over-read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...
HTTP.sys Denial of Service Vulnerability
Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network...
Windows Kernel-Mode Driver Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally...
Windows Bluetooth Service Elevation of Privilege Vulnerability
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...
Windows Kernel Memory Information Disclosure Vulnerability
Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...
Windows Graphics Component Elevation of Privilege Vulnerability
No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...
Windows Imaging Component Information Disclosure Vulnerability
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally...
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Buffer over-read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...
Microsoft SQL Server Information Disclosure Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in SQL Server allows an authorized attacker to disclose information over a network...
Azure Connected Machine Agent Elevation of Privilege Vulnerability
Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...