Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows 11 23h2*

1083 matches found

CVE
CVEadded 2 days ago5 views

CVE-2025-49734

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.

7CVSS6.4AI score0.00038EPSS
CVE
CVEadded 2 days ago5 views

CVE-2025-54093

Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

7CVSS6.3AI score0.00038EPSS
CVE
CVEadded 2 days ago5 views

CVE-2025-54101

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network.

4.8CVSS7AI score0.00048EPSS
CVE
CVEadded 2 days ago5 views

CVE-2025-54916

Stack-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

7.8CVSS7.3AI score0.00059EPSS
CVE
CVEadded 2 days ago5 views

CVE-2025-55236

Time-of-check time-of-use (toctou) race condition in Graphics Kernel allows an authorized attacker to execute code locally.

7.3CVSS6.8AI score0.00101EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-53805

Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.

7.5CVSS6.3AI score0.00076EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-54092

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00041EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-54098

Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS6.4AI score0.00056EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-54102

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00045EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-54103

Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally.

7.4CVSS6.5AI score0.00042EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-54109

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

6.7CVSS6.4AI score0.0013EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-54115

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7CVSS6.5AI score0.00038EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-54895

Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally.

7.8CVSS6.7AI score0.00052EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-54913

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows UI XAML Maps MapControlSettings allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00036EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-55223

Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.

7CVSS6.5AI score0.00036EPSS
CVE
CVEadded 2 days ago4 views

CVE-2025-55226

Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to execute code locally.

6.7CVSS7AI score0.00039EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-53801

Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally.

7.8CVSS6.4AI score0.00045EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-53802

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

7CVSS6.5AI score0.00042EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-53804

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.

5.5CVSS6AI score0.00053EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-53807

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

7CVSS6.4AI score0.00038EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-53808

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

6.7CVSS6.4AI score0.0013EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-53810

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

6.7CVSS6.4AI score0.0013EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-54091

Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS6.7AI score0.00062EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-54094

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

6.7CVSS6.4AI score0.0013EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-54104

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

6.7CVSS6.4AI score0.0013EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-54112

Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.

7CVSS6.5AI score0.00042EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-54114

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to deny service locally.

7CVSS6.5AI score0.00038EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-54894

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

7.8CVSS6.3AI score0.00045EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-54915

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

6.7CVSS6.4AI score0.00129EPSS
CVE
CVEadded 2 days ago3 views

CVE-2025-54919

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

7.5CVSS7.1AI score0.00039EPSS
CVE
CVEadded 2 days ago2 views

CVE-2025-54099

Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7CVSS6.8AI score0.00042EPSS
CVE
CVEadded 2 days ago2 views

CVE-2025-54111

Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00042EPSS
CVE
CVEadded 2 days ago2 views

CVE-2025-54116

Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally.

7.3CVSS6.4AI score0.00045EPSS
Total number of security vulnerabilities1083