Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows 11 23h2*

1083 matches found

CVE
CVEadded 2025/08/12 6:15 p.m.19 views

CVE-2025-48807

Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally.

6.7CVSS7.5AI score0.00041EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.19 views

CVE-2025-50173

Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally.

7.8CVSS7.3AI score0.00045EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.19 views

CVE-2025-53131

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

8.8CVSS8AI score0.00065EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.19 views

CVE-2025-53143

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00343EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.18 views

CVE-2025-53721

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

7CVSS7.5AI score0.00045EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.18 views

CVE-2025-53722

Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.

7.5CVSS7.1AI score0.01673EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.17 views

CVE-2025-50176

Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally.

7.8CVSS7.5AI score0.00122EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.17 views

CVE-2025-53140

Use after free in Kernel Transaction Manager allows an authorized attacker to elevate privileges locally.

7CVSS7.5AI score0.00045EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.17 views

CVE-2025-53155

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00049EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.17 views

CVE-2025-53789

Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.

7.8CVSS7.4AI score0.00045EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.16 views

CVE-2025-49761

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00049EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.16 views

CVE-2025-53723

Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00122EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.16 views

CVE-2025-53724

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00122EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-49762

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7CVSS7.3AI score0.00041EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-50153

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00049EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-50159

Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally.

7.3CVSS7.6AI score0.00059EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-50167

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7CVSS7.2AI score0.00041EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-50168

Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00122EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-53135

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally.

7CVSS7.2AI score0.00041EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-53142

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

7CVSS7.5AI score0.00045EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-53144

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00343EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-53145

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00343EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-53152

Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally.

7.8CVSS7.9AI score0.00049EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-53154

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00049EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-53716

Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.

6.5CVSS7AI score0.00162EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.15 views

CVE-2025-53726

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00122EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-50155

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00122EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-50161

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

7.3CVSS7.6AI score0.00059EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-50166

Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose information over a network.

6.5CVSS7AI score0.00103EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-50170

Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00045EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-53134

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7CVSS7.3AI score0.00042EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-53137

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7CVSS7.6AI score0.00045EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-53141

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00049EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-53147

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7CVSS7.6AI score0.00045EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-53151

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00049EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.14 views

CVE-2025-53725

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00122EPSS
CVE
CVEadded 2 days ago14 views

CVE-2025-54107

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

4.3CVSS6.3AI score0.00073EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.13 views

CVE-2025-49743

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

6.7CVSS7.2AI score0.00049EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.13 views

CVE-2025-49751

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.

6.8CVSS7.1AI score0.00243EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.13 views

CVE-2025-50172

Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network.

6.5CVSS7.1AI score0.01937EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.13 views

CVE-2025-53136

Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose information locally.

5.5CVSS6.6AI score0.00044EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.13 views

CVE-2025-53718

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7CVSS7.6AI score0.00045EPSS
CVE
CVEadded 2 days ago12 views

CVE-2025-55234

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks.The SMB Server already supports mechanisms for hardening against rel...

8.8CVSS6.7AI score0.00725EPSS
CVE
CVEadded 2 days ago10 views

CVE-2025-54918

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

8.8CVSS6.5AI score0.00077EPSS
CVE
CVEadded 2 days ago7 views

CVE-2025-54110

Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.

8.8CVSS6.6AI score0.00084EPSS
CVE
CVEadded 2 days ago6 views

CVE-2025-53800

No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

7.8CVSS6.3AI score0.00045EPSS
CVE
CVEadded 2 days ago6 views

CVE-2025-54911

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.

7.3CVSS6.5AI score0.00057EPSS
CVE
CVEadded 2 days ago6 views

CVE-2025-54912

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00044EPSS
CVE
CVEadded 2 days ago6 views

CVE-2025-55224

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

7.8CVSS7.1AI score0.00036EPSS
CVE
CVEadded 2 days ago6 views

CVE-2025-55228

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

7.8CVSS7.1AI score0.00036EPSS
Total number of security vulnerabilities1083