Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows 11 23h2*

1036 matches found

CVE
CVEadded 2025/07/08 5:15 p.m.23 views

CVE-2025-49661

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.23 views

CVE-2025-49682

Use after free in Windows Media allows an authorized attacker to elevate privileges locally.

7.3CVSS7AI score0.00067EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.23 views

CVE-2025-49685

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

7CVSS6.9AI score0.00052EPSS
CVE
CVEadded 2025/07/08 5:16 p.m.23 views

CVE-2025-49726

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-47980

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

6.2CVSS6AI score0.00056EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-47985

Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-47987

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00078EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-47996

Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00078EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-47999

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.

6.8CVSS6.5AI score0.00443EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-48803

Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

6.7CVSS6.5AI score0.00036EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-48805

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

7.8CVSS7.3AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-48806

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

7.8CVSS7.3AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-48808

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.

5.5CVSS6AI score0.0005EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-48816

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.8AI score0.00078EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-48820

Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00064EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-48821

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

7.1CVSS7AI score0.00306EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-49658

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.

5.5CVSS6.1AI score0.00048EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-49675

Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.9AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-49678

Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.

7CVSS6.5AI score0.00047EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.22 views

CVE-2025-49679

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00141EPSS
CVE
CVEadded 2025/07/08 5:16 p.m.22 views

CVE-2025-49725

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:16 p.m.22 views

CVE-2025-49730

Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.

7.8CVSS6.4AI score0.01025EPSS
CVE
CVEadded 2025/07/08 5:16 p.m.22 views

CVE-2025-49732

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:16 p.m.22 views

CVE-2025-49733

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:16 p.m.22 views

CVE-2025-49742

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.

7.8CVSS7.1AI score0.00078EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.21 views

CVE-2025-47975

Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

7CVSS6.6AI score0.00052EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.21 views

CVE-2025-49660

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.21 views

CVE-2025-49664

Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.

5.5CVSS6AI score0.0005EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.21 views

CVE-2025-49667

Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

7.8CVSS6.6AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.21 views

CVE-2025-49680

Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally.

7.3CVSS6.5AI score0.00053EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.21 views

CVE-2025-49687

Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

8.8CVSS6.4AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.21 views

CVE-2025-49690

Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally.

7.4CVSS6.6AI score0.00053EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.21 views

CVE-2025-49693

Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

7.8CVSS6.6AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:16 p.m.21 views

CVE-2025-49727

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

7CVSS7AI score0.00052EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.20 views

CVE-2025-47159

Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00074EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.20 views

CVE-2025-48811

Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

6.7CVSS6.5AI score0.00036EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.20 views

CVE-2025-49665

Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.

7.8CVSS6.7AI score0.00051EPSS
CVE
CVEadded 4 days ago18 views

CVE-2025-50154

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

7.5CVSS6.6AI score0.001EPSS
CVE
CVEadded 4 days ago14 views

CVE-2025-50171

Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network.

9.1CVSS7.1AI score0.00058EPSS
CVE
CVEadded 4 days ago14 views

CVE-2025-53766

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

9.8CVSS8AI score0.00139EPSS
CVE
CVEadded 4 days ago14 views

CVE-2025-53778

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.3AI score0.00078EPSS
CVE
CVEadded 4 days ago10 views

CVE-2025-50177

Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network.

8.1CVSS7.9AI score0.0008EPSS
CVE
CVEadded 4 days ago10 views

CVE-2025-53132

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges over a network.

8CVSS7.2AI score0.0007EPSS
CVE
CVEadded 4 days ago10 views

CVE-2025-53143

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.

8.8CVSS7.5AI score0.003EPSS
CVE
CVEadded 4 days ago9 views

CVE-2025-50176

Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally.

7.8CVSS7.5AI score0.00113EPSS
CVE
CVEadded 4 days ago9 views

CVE-2025-53789

Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.

7.8CVSS7.4AI score0.0004EPSS
CVE
CVEadded 4 days ago8 views

CVE-2025-48807

Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally.

7.5CVSS7.5AI score0.00041EPSS
CVE
CVEadded 4 days ago8 views

CVE-2025-49761

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00045EPSS
CVE
CVEadded 4 days ago8 views

CVE-2025-50158

Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally.

7CVSS6.7AI score0.00041EPSS
CVE
CVEadded 4 days ago8 views

CVE-2025-53131

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

8.8CVSS8AI score0.0006EPSS
Total number of security vulnerabilities1036