Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows 11 23h2

450 matches found

CVE
CVEadded 2025/01/14 6:15 p.m.960 views

CVE-2025-21333

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.58455EPSS
In wild
CVE
CVEadded 2025/01/14 6:15 p.m.892 views

CVE-2025-21298

Windows OLE Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.70558EPSS
CVE
CVEadded 2025/04/08 6:16 p.m.611 views

CVE-2025-29824

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.01608EPSS
In wild
CVE
CVEadded 2025/02/11 6:15 p.m.451 views

CVE-2025-21391

Windows Storage Elevation of Privilege Vulnerability

7.1CVSS7.7AI score0.05102EPSS
In wild
CVE
CVEadded 2025/03/11 5:16 p.m.386 views

CVE-2025-24071

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.3AI score0.51253EPSS
CVE
CVEadded 2025/05/13 5:15 p.m.367 views

CVE-2025-29974

Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.

5.7CVSS5.6AI score0.00158EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.351 views

CVE-2025-21337

Windows NTFS Elevation of Privilege Vulnerability

3.3CVSS6AI score0.00089EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.341 views

CVE-2025-21420

Windows Disk Cleanup Tool Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.28657EPSS
CVE
CVEadded 2025/06/10 5:22 p.m.326 views

CVE-2025-33053

External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.

8.8CVSS8.8AI score0.27947EPSS
In wild
CVE
CVEadded 2025/03/11 5:16 p.m.323 views

CVE-2025-26633

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

7CVSS6.8AI score0.06628EPSS
In wild
CVE
CVEadded 2025/01/14 6:15 p.m.320 views

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00174EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.309 views

CVE-2025-21418

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.11464EPSS
In wild
CVE
CVEadded 2025/06/10 5:22 p.m.303 views

CVE-2025-33065

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS
CVE
CVEadded 2025/06/10 5:22 p.m.299 views

CVE-2025-33052

Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.

5.5CVSS5.3AI score0.00144EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.298 views

CVE-2025-21335

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.05766EPSS
In wild
CVE
CVEadded 2025/01/14 6:15 p.m.296 views

CVE-2025-21334

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.04579EPSS
In wild
CVE
CVEadded 2025/03/11 5:16 p.m.289 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.5AI score0.31507EPSS
In wild
CVE
CVEadded 2025/06/10 5:23 p.m.258 views

CVE-2025-33073

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

8.8CVSS8.7AI score0.0096EPSS
CVE
CVEadded 2025/03/11 5:16 p.m.256 views

CVE-2025-24985

Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00938EPSS
In wild
CVE
CVEadded 2025/03/11 5:16 p.m.246 views

CVE-2025-24993

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.02222EPSS
In wild
CVE
CVEadded 2025/03/11 5:16 p.m.240 views

CVE-2025-24984

Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

4.6CVSS6.1AI score0.17667EPSS
In wild
CVE
CVEadded 2025/03/11 5:16 p.m.240 views

CVE-2025-24991

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

5.5CVSS6.5AI score0.02442EPSS
In wild
CVE
CVEadded 2025/02/11 6:15 p.m.235 views

CVE-2025-21181

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.8AI score0.0823EPSS
CVE
CVEadded 2025/01/14 6:16 p.m.226 views

CVE-2025-21413

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.027EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.224 views

CVE-2025-21230

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.01652EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.219 views

CVE-2025-21293

Active Directory Domain Services Elevation of Privilege Vulnerability

8.8CVSS8.8AI score0.75604EPSS
CVE
CVEadded 2025/05/13 5:16 p.m.206 views

CVE-2025-30397

Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.

7.5CVSS7.5AI score0.23075EPSS
In wild
CVE
CVEadded 2025/05/13 5:16 p.m.201 views

CVE-2025-30400

Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.04292EPSS
In wild
CVE
CVEadded 2025/05/13 5:16 p.m.187 views

CVE-2025-32709

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7.8CVSS8AI score0.04332EPSS
In wild
CVE
CVEadded 2025/05/13 5:16 p.m.183 views

CVE-2025-32706

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.13762EPSS
In wild
CVE
CVEadded 2025/05/13 5:16 p.m.177 views

CVE-2025-32701

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.04862EPSS
In wild
CVE
CVEadded 2025/01/14 6:15 p.m.176 views

CVE-2025-21302

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0052EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.175 views

CVE-2025-21263

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00149EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.163 views

CVE-2025-21351

Windows Active Directory Domain Services API Denial of Service Vulnerability

7.5CVSS7.9AI score0.06456EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.162 views

CVE-2025-21341

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00149EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.156 views

CVE-2025-21327

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00149EPSS
CVE
CVEadded 2025/03/11 5:16 p.m.154 views

CVE-2025-24076

Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.

7.3CVSS7.2AI score0.01595EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.141 views

CVE-2025-21245

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0052EPSS
CVE
CVEadded 2025/04/08 6:15 p.m.135 views

CVE-2025-21204

Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.0053EPSS
CVE
CVEadded 2025/01/17 1:15 a.m.135 views

CVE-2025-21325

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00632EPSS
CVE
CVEadded 2025/01/14 6:16 p.m.133 views

CVE-2025-21417

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.027EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.132 views

CVE-2025-21310

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.131 views

CVE-2025-21260

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.130 views

CVE-2025-21211

Secure Boot Security Feature Bypass Vulnerability

6.8CVSS6.6AI score0.00178EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.130 views

CVE-2025-21273

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00706EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.124 views

CVE-2025-21329

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00111EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.123 views

CVE-2025-21213

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00143EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.122 views

CVE-2025-21377

NTLM Hash Disclosure Spoofing Vulnerability

6.5CVSS7.4AI score0.05648EPSS
CVE
CVEadded 2025/01/14 6:16 p.m.120 views

CVE-2025-21382

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00208EPSS
CVE
CVEadded 2025/04/08 6:16 p.m.118 views

CVE-2025-27736

Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.

5.5CVSS6.6AI score0.00041EPSS
Total number of security vulnerabilities450