Lucene search
K
MicrosoftWindows 11 24h2

1349 matches found

CVE
CVE
added 2013/12/11 12:0 a.m.3238 views

CVE-2013-3900

CVE-2013-3900 describes a remote code execution in the WinVerifyTrust Authenticode verification for PE files. An attacker could modify a signed executable to execute code without invalidating the signature, potentially gaining full control of the system. Microsoft republished this CVE in the Secu...

8.8CVSS7.4AI score0.44647EPSS
In wildWeb
CVE
CVE
added 2025/01/14 6:4 p.m.1030 views

CVE-2025-21333

CVE-2025-21333 is a local elevation-of-privilege vulnerability in Windows Hyper‑V NT Kernel Integration VSP. The issue is a heap-based buffer overflow in the VSP component, enabling a local attacker with Low privilege and no user interaction to gain SYSTEM rights on the host. Public materials in ...

7.8CVSS7.7AI score0.09798EPSS
In wild
CVE
CVE
added 2024/08/13 5:29 p.m.1018 views

CVE-2024-38063

CVE-2024-38063 is a Windows IPv6/tcpip.sys vulnerability involving improper handling of IPv6 extension headers and fragmentation. Technical material in connected docs shows an integer underflow in the IPv6 fragment reassembly path (Ipv6pReassemblyTimeout) and a risky code path where IppSendErrorL...

9.8CVSS9.8AI score0.70564EPSS
CVE
CVE
added 2025/01/14 6:3 p.m.963 views

CVE-2025-21298

CVE-2025-21298 is a Windows OLE use-after-free memory corruption vulnerability in ole32.dll (UtOlePresStmToContentsStm) that enables remote code execution via specially crafted RTF, including zero-click scenarios when previews are shown in Outlook. The issue arises from a double-free of the CONTE...

9.8CVSS9.8AI score0.80912EPSS
CVE
CVE
added 2025/04/08 5:23 p.m.747 views

CVE-2025-29824

CVE-2025-29824 is a Use-After-Free vulnerability in the Windows Common Log File System Driver (CLFS) kernel driver, caused by a race condition in W32PROCESS handling via WaitForInputIdle that enables local privilege escalation to SYSTEM. Microsoft patched this in April 2025 (KB5044284). Public ex...

7.8CVSS7.5AI score0.1806EPSS
In wild
CVE
CVE
added 2024/10/08 5:36 p.m.671 views

CVE-2024-43572

CVE-2024-43572 is a Microsoft Windows Management Console Remote Code Execution vulnerability. Connected sources confirm a patch was released in the October 2024 updates, and Microsoft/Elastic Security Labs notes mitigations such as blocking untrusted MSC files to prevent code execution via MMC. T...

7.8CVSS8.6AI score0.60954EPSS
In wild
CVE
CVE
added 2024/08/08 1:59 a.m.597 views

CVE-2024-21302

Microsoft has fixed CVE-2024-21302 for Windows systems with Virtualization-Based Security (VBS). The elevation-of-privilege vulnerability allowed an administrator to replace current Windows system files with older versions, potentially reintroducing mitigated VBS vulnerabilities and exfiltrating ...

6.7CVSS5.8AI score0.01559EPSS
CVE
CVE
added 2025/09/09 5:1 p.m.580 views

CVE-2025-53799

CVE-2025-53799 affects the Windows Imaging Component. The vulnerability arises from use of an uninitialized resource in Imaging Component code, enabling local attackers to disclose information. The NCSC entry confirms the impact as Access to sensitive data with a CVSS-like rating around 5.5 (Medi...

5.5CVSS6.1AI score0.0073EPSS
CVE
CVE
added 2025/09/09 5:1 p.m.566 views

CVE-2025-53803

CVE-2025-53803 affects the Windows Kernel. Reported as: error message generation could disclose sensitive information to an authorized local attacker. According to the available connected sources, the vulnerability is categorized under Windows Kernel with a documented impact of accessing sensitiv...

5.5CVSS5.9AI score0.00606EPSS
CVE
CVE
added 2024/11/12 5:54 p.m.546 views

CVE-2024-38203

Technical details for CVE-2024-38203 are not publicly available in the supplied documents. No specifics on affected products, root cause, or remediation are provided here; monitor the feeds for updates from Microsoft and vulnerability trackers.

6.2CVSS5.8AI score0.00677EPSS
CVE
CVE
added 2024/12/10 5:49 p.m.507 views

CVE-2024-49138

Summary (CVE-2024-49138): A heap-based buffer overflow in the Windows Common Log File System Driver (CLFS.sys) enables local Elevation of Privilege on Windows 11/23h2 (and other supported builds). Public PoCs and exploits exist (GitHub PoC repos and exploits referenced in multiple sources), with ...

7.8CVSS7.5AI score0.25414EPSS
In wild
CVE
CVE
added 2025/02/11 5:58 p.m.500 views

CVE-2025-21391

CVE-2025-21391 (Windows Storage Elevation of Privilege) describes a local privilege escalation in Windows Storage. The vulnerability allows an attacker with low privileges and no user interaction to elevate to SYSTEM by exploiting a link-following flaw in Windows Storage (root cause described as ...

7.1CVSS7.7AI score0.02143EPSS
In wild
CVE
CVE
added 2025/11/11 5:59 p.m.494 views

CVE-2025-62215

CVE-2025-62215 is a Windows Kernel race condition that enables local privilege escalation to SYSTEM by exploiting a concurrency window over kernel object handles, causing a double-free. A PoC exploit repository demonstrates a multithreaded trigger and heap spraying to achieve token elevation. Pub...

7CVSS5.8AI score0.061EPSS
In wild
CVE
CVE
added 2025/10/14 5:1 p.m.492 views

CVE-2025-59230

CVE-2025-59230 describes an improper access control flaw in the Windows Remote Access Connection Manager (RasMan). The vulnerability allows an authenticated local user to elevate privileges to SYSTEM by manipulating RasMan’s IPC handling/ACLs, as reported in multiple sources. Exploitation activit...

7.8CVSS6.5AI score0.02615EPSS
In wild
CVE
CVE
added 2024/09/10 4:53 p.m.490 views

CVE-2024-38014

CVE-2024-38014 is a Windows Installer privilege-escalation vulnerability (local, CVSSv3.1: 7.8) that could allow an attacker with low privileges to gain SYSTEM-level access. The issue targets the Windows Installer component and is described in sources as an improper privilege-management flaw. Pub...

7.8CVSS8.7AI score0.06008EPSS
In wild
CVE
CVE
added 2024/10/08 5:35 p.m.479 views

CVE-2024-43573

CVE-2024-43573 is a Windows MSHTML Platform Spoofing vulnerability. Public sources confirm it affects MSHTML in Windows and that patches were released (Microsoft Update Guide). There is evidence of exploitation in the wild for MSHTML-related spoofing vulnerabilities, including references noting a...

8.1CVSS7.4AI score0.44382EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.475 views

CVE-2025-24071

CVE-2025-24071 affects Windows File Explorer via the .library-ms mechanism. When a user opens or extracts ZIP/RAR contents containing a crafted .library-ms, Explorer can trigger an SMB authentication to a remote server, leaking the user’s NTLM hash. No user interaction beyond extraction is requir...

6.5CVSS7.3AI score0.25068EPSS
CVE
CVE
added 2025/10/14 5:1 p.m.474 views

CVE-2025-55695

CVE-2025-55695 describes an out-of-bounds read vulnerability in the Windows WLAN Auto Config Service that enables an authorized local attacker to disclose information. The description in the initial document confirms the root cause (out-of-bounds read) and the impact (local information disclosure...

5.5CVSS6.1AI score0.00372EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.467 views

CVE-2025-59294

CVE-2025-59294 affects Windows Taskbar Live. The description indicates exposure of sensitive information to an unauthorized actor under physical access, enabling information disclosure. Connected documents provide limited details: the exact vulnerable component context and remediation are not spe...

4.6CVSS5.8AI score0.00573EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.462 views

CVE-2025-59211

CVE-2025-59211 concerns exposure of sensitive information to an unauthorized actor in Windows Push Notification Core, enabling an attacker with local access to disclose information. The initial entry identifies a local attack vector with a medium base score (CVSS 3.1: AV=L, AC=L, PR=L, UI=N, S=U,...

5.5CVSS6.1AI score0.00554EPSS
CVE
CVE
added 2025/11/11 5:59 p.m.462 views

CVE-2025-59513

Technical details about CVE-2025-59513 are not publicly available in the provided documents. Monitor for updates from Microsoft and the CVE entry for affected components, impact, and remediation.

5.5CVSS5AI score0.0044EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.451 views

CVE-2025-59204

CVE-2025-59204 concerns Windows Management Services and is triggered by use of an uninitialized resource, leading to local information disclosure. The impact is confidentiality loss with local attack vector (required local access, no user interaction). The connected documents confirm Windows secu...

5.5CVSS6.2AI score0.00468EPSS
CVE
CVE
added 2025/09/09 5:1 p.m.450 views

CVE-2025-54917

CVE-2025-54917 is a network-exploitable issue in Windows MapUrlToZone that enables circumvention of a security mechanism. The CVSS v3.1 base score is 4.3 (NETWORK, LOW attack complexity, NONE privileges, UI required) with a LOW confidentiality impact. The Connected documents indicate this CVE map...

4.3CVSS6.3AI score0.00842EPSS
CVE
CVE
added 2024/11/12 5:54 p.m.436 views

CVE-2024-49039

CVE-2024-49039 is a Windows Task Scheduler privilege-escalation vulnerability. An authenticated local attacker can elevate privileges outside of AppContainer and access privileged RPC functions via the Task Scheduler, enabling local privilege escalation with high impact (CVE-2024-49039). There ar...

8.8CVSS8.6AI score0.13719EPSS
In wild
CVE
CVE
added 2026/01/13 5:56 p.m.436 views

CVE-2026-20862

CVE-2026-20862 is a Windows Management Services information disclosure vulnerability. The description in the initial document states that it allows an authorized attacker to disclose sensitive information locally. The connected Nessus/NCSC/ENISA entries confirm this is a local-impact issue tied t...

5.5CVSS6.1AI score0.00614EPSS
CVE
CVE
added 2024/11/12 5:53 p.m.398 views

CVE-2024-43451

CVE-2024-43451 is a Windows NTLMv2 hash disclosure spoofing vulnerability. Affected: Windows; root cause: NTLM hash leakage occurs when the shell processes .URL shortcuts, triggering NTLM authentication over SMB to an attacker-controlled server. Impact: attackers can obtain NTLMv2 hashes and perf...

6.5CVSS6.5AI score0.81817EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.395 views

CVE-2025-26633

CVE-2025-26633 is a local-privilege-escalation in Microsoft Management Console (MMC) caused by improper neutralization in how MMC loads language-twin .msc files. A malicious “evil twin” .msc in a language directory can execute payloads with the user’s privileges when a user opens a legitimate MMC...

7CVSS6.8AI score0.31894EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.393 views

CVE-2025-33053

Summary of CVE-2025-33053 : A vulnerability in Windows WebDAV/Internet Shortcut handling allows remote code execution when a vulnerable host opens a crafted .url file that points to a WebDAV share. Exploitation relies on the WebClient service resolving UNC paths via WebDAV and may trigger arbitra...

8.8CVSS8.8AI score0.81558EPSS
In wildWeb
CVE
CVE
added 2025/06/10 5:2 p.m.390 views

CVE-2025-33073

CVE-2025-33073 is a network-accessible elevation of privilege in the Windows SMB Client caused by improper access control in the SMB protocol stack. The initial description confirms privilege escalation with network access. Connected documents provide concrete exploit presence: PoCs and proof‑of‑...

8.8CVSS8.7AI score0.64987EPSS
In wild
CVE
CVE
added 2024/10/08 5:36 p.m.385 views

CVE-2024-43583

CVE-2024-43583 is a Winlogon elevation of privilege vulnerability. Connected PoC details show an attacker with low local privileges can escalate to SYSTEM by abusing the Image File Execution Options (IFEO) registry hijack to replace a legitimate system process with a malicious payload. Affected W...

7.8CVSS8.4AI score0.0133EPSS
Web
CVE
CVE
added 2025/05/13 4:59 p.m.385 views

CVE-2025-29974

Technical details about CVE-2025-29974 are not publicly provided in the supplied documents. Monitor for updates from Microsoft and other security bulletins to obtain confirmed affected products, scope, and remediation.

5.7CVSS5.6AI score0.00564EPSS
CVE
CVE
added 2024/12/10 5:49 p.m.379 views

CVE-2024-49112

CVE-2024-49112 affects Windows LDAP on Domain Controllers. Connected sources describe an integer-overflow flaw in the LDAP server that can allow unauthenticated remote code execution via crafted CLDAP/LDAP traffic, leading to arbitrary code execution and potential DoS. Exploitation may require lo...

9.8CVSS9.7AI score0.70906EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.374 views

CVE-2025-21337

CVE-2025-21337 is a Windows vulnerability categorized as an elevation of privileges (impact: obtaining elevated privileges) with a low base score (CVSS v3.1: 3.3) and local attack vector. The connected advisory from NCSC-2025-0047 aligns this CVE to a Windows component issue with a CVSS ~3.3 and ...

3.3CVSS6AI score0.00548EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.373 views

CVE-2025-21420

CVE-2025-21420 is evidenced by PoCs showing a Disk Cleanup Tool (cleanmgr.exe) elevation via a DLL sideload approach. The GitHub PoCs demonstrate loading dokan1.dll/dokannp1.dll to trigger arbitrary code paths, with the exploit chain listing SetProcessMitigationPolicy (ProcessRedirectionTrustPoli...

7.8CVSS8.1AI score0.03415EPSS
Web
CVE
CVE
added 2024/10/08 5:35 p.m.367 views

CVE-2024-30092

CVE-2024-30092 corresponds to a Windows Hyper-V remote code execution vulnerability. Connected sources corroborate a Hyper-V RCE issue affecting Windows Hyper-V with an entry showing 8.0 base-vector severity and adjacent attack vector; Microsoft has released updates to fix vulnerabilities in Wind...

8CVSS8.3AI score0.00659EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.366 views

CVE-2026-44815

CVE-2026-44815 is a stack-based buffer overflow in the Windows DHCP Client that enables remote code execution over the network. Affected component: Windows DHCP Client; root cause is a stack-based overflow. Consequences are remote code execution with high impact, as indicated by the CVSS vector (...

9.8CVSS6AI score0.011EPSS
CVE
CVE
added 2024/09/10 4:54 p.m.363 views

CVE-2024-43461

CVE-2024-43461 — Windows MSHTML Platform Spoofing Vulnerability : A UI misrepresentation in MSHTML that can be used to spoof a web page. Affected component: Windows MSHTML Platform. Underlying issue is a UI spoofing flaw; CVSSv3.1 score 8.8 ( NETWORK, LOW, NONE, UI: REQUIRED; Confidentiality/Inte...

8.8CVSS9.3AI score0.51883EPSS
In wild
CVE
CVE
added 2026/01/13 5:56 p.m.357 views

CVE-2026-20962

CVE-2026-20962 is described as a local-information-disclosure vulnerability in the Dynamic Root of Trust for Measurement (DRTM) mechanism. The initial and connected sources indicate an issue arising from use of an uninitialized resource, allowing an authorized attacker with local access to disclo...

4.4CVSS6.2AI score0.00399EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.350 views

CVE-2025-21189

CVE-2025-21189 is listed as MapUrlToZone Security Feature Bypass. Connected sources categorize its impact as circumvention of a security measure. Public technical detail in the provided documents is limited; no explicit root-cause, vulnerable product/version, or exploitation information is given....

4.3CVSS4.6AI score0.02864EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.342 views

CVE-2025-21418

CVE-2025-21418 is a heap-based buffer overflow in the Windows Ancillary Function Driver for WinSock that enables local privilege escalation to SYSTEM. Affected: Windows components exposed to local attack surface; exploitability is local with low attack complexity and no user interaction. Public r...

7.8CVSS8.2AI score0.01459EPSS
In wild
CVE
CVE
added 2026/02/10 5:51 p.m.341 views

CVE-2026-21510

CVE-2026-21510 is a Windows Shell security feature bypass vulnerability (Protection Mechanism Failure) that can allow remote code execution by bypassing SmartScreen prompts and shell warnings. Affected component: Windows Shell (explorer.exe) and related UI elements. Exploitation requires social e...

8.8CVSS5.5AI score0.25835EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.336 views

CVE-2025-24054

CVE-2025-24054 is a Windows NTLM vulnerability allowing an attacker to induce NTLMv2-SSP hash disclosure by leveraging explorer.exe to fetch remote SMB resources via crafted file types (notably .library-ms and .lnk/.library-ms payloads). Public PoCs and exploits demonstrate creating malicious .li...

6.5CVSS6.5AI score0.58974EPSS
In wild
CVE
CVE
added 2024/08/13 5:29 p.m.329 views

CVE-2024-38193

CVE-2024-38193 concerns the Windows Ancillary Function Driver for WinSock (AFD) used by Winsock. The vulnerability is a local privilege-escalation issue in the AFD/WinSock stack, with a resource-management error cited by CNNVD and a privilege-escalation capability described by CISA KEV. Public ex...

7.8CVSS7.7AI score0.27561EPSS
In wildWeb
CVE
CVE
added 2025/01/14 6:4 p.m.328 views

CVE-2025-21335

CVE-2025-21335 is part of the Windows Hyper-V NT Kernel Integration VSP elevation-of-privilege family. Connected sources confirm three related CVEs: CVE-2025-21333 (heap-based buffer overflow), CVE-2025-21334 (use-after-free), and CVE-2025-21335 (use-after-free). The vulnerability affects the hos...

7.8CVSS7.7AI score0.01363EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.325 views

CVE-2025-33052

CVE-2025-33052 is a local-information-disclosure in the Windows DWM Core Library caused by use of an uninitialized resource. In NVD, it’s rated CVSSv3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N; impact: confidentiality High. The Connected docs confirm affected component (Windows DWM Core Library) and...

5.5CVSS5.3AI score0.00534EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.324 views

CVE-2025-21334

CVE-2025-21334 concerns Windows Hyper-V NT Kernel Integration VSP with a Use-After-Free vulnerability. The connected documents indicate this family (CVE-21333/21334/21335) involves host–VM communications, yields Elevation of Privilege on the host via local access, and is part of a trio with CVE-2...

7.8CVSS7.7AI score0.0153EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.323 views

CVE-2025-33065

CVE-2025-33065 is an information-disclosure vulnerability: an out-of-bounds read in Windows Storage Management Provider could allow an authorized attacker (local access, low privileges) to disclose information. CVSS v3.1 base metrics indicate Local access, Low attack complexity, Privileges requir...

5.5CVSS5.2AI score0.00529EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.314 views

CVE-2026-45657

CVE-2026-45657 is a use-after-free in the Windows Kernel that enables a remote attacker to execute code over a network without user interaction. The formal CVSSv3.1 base score is 9.8 (CRITICAL), with network attack vector, low attack complexity, no privileges required, and high impact to confiden...

9.8CVSS5.7AI score0.15478EPSS
CVE
CVE
added 2024/09/10 4:54 p.m.312 views

CVE-2024-21416

CVE-2024-21416 refers to a Windows TCP/IP Remote Code Execution vulnerability in the Windows TCP/IP stack. The CVE entry is corroborated by multiple sources (NVD, CVE list, and MSRC advisories) and is rated with high impact; the NVD metrics list a critical base score (9.8) with network access and...

9.8CVSS9AI score0.01381EPSS
CVE
CVE
added 2024/10/08 5:36 p.m.302 views

CVE-2024-43584

CVE-2024-43584 affects Windows Scripting Engine and is described as a Security Feature Bypass. Public sources in connected docs identify Microsoft as the vendor and Windows Scripting as the affected component, with root cause framed as a bypass of a security feature and impact described as circum...

8.4CVSS7.8AI score0.00537EPSS
Total number of security vulnerabilities1349