Lucene search

K
MicrosoftWindows Server 2022 23h2*

1172 matches found

CVE
CVE
added 2025/05/13 5:15 p.m.51 views

CVE-2025-29963

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

8.8CVSS8AI score0.00083EPSS
CVE
CVE
added 2025/01/14 6:15 p.m.50 views

CVE-2025-21331

Windows Installer Elevation of Privilege Vulnerability

7.3CVSS7.2AI score0.0012EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.50 views

CVE-2025-29960

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.3AI score0.00074EPSS
CVE
CVE
added 2025/06/10 5:21 p.m.50 views

CVE-2025-32713

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.8AI score0.00057EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.49 views

CVE-2025-29961

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.3AI score0.00074EPSS
CVE
CVE
added 2025/06/10 5:22 p.m.49 views

CVE-2025-32721

Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally.

7.3CVSS7.1AI score0.00071EPSS
CVE
CVE
added 2025/06/10 5:22 p.m.49 views

CVE-2025-33057

Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.

6.5CVSS6.3AI score0.00187EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.48 views

CVE-2025-29955

Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.

6.2CVSS6.5AI score0.00113EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.48 views

CVE-2025-29968

Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.

6.5CVSS6.6AI score0.00231EPSS
CVE
CVE
added 2025/05/13 5:16 p.m.48 views

CVE-2025-30385

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00066EPSS
CVE
CVE
added 2025/06/10 5:21 p.m.48 views

CVE-2025-32716

Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00057EPSS
CVE
CVE
added 2025/06/10 5:22 p.m.48 views

CVE-2025-33058

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00048EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.47 views

CVE-2025-29830

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.9AI score0.00223EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.47 views

CVE-2025-29832

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.5AI score0.00074EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.47 views

CVE-2025-29957

Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.

6.2CVSS7AI score0.0043EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.47 views

CVE-2025-29958

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.6AI score0.00229EPSS
CVE
CVE
added 2025/06/10 5:21 p.m.47 views

CVE-2025-32714

Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00052EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.46 views

CVE-2025-29956

Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.

5.4CVSS6.7AI score0.00079EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.39 views

CVE-2025-47981

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.

9.8CVSS7.4AI score0.00143EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.39 views

CVE-2025-49740

Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.

8.8CVSS6.5AI score0.00094EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.37 views

CVE-2025-49724

Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.

8.8CVSS7.3AI score0.00171EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.36 views

CVE-2025-49691

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.

8CVSS7.4AI score0.00126EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.34 views

CVE-2025-48817

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

8.8CVSS7AI score0.00052EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.33 views

CVE-2025-48000

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00051EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.33 views

CVE-2025-49735

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.

8.1CVSS7.3AI score0.00161EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.32 views

CVE-2025-48822

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

8.6CVSS6.9AI score0.00068EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.31 views

CVE-2025-47971

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00068EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.31 views

CVE-2025-47991

Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

7.8CVSS6.9AI score0.00052EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.31 views

CVE-2025-48824

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.30 views

CVE-2025-49721

Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00068EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.30 views

CVE-2025-49744

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

7CVSS7AI score0.02225EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.29 views

CVE-2025-47998

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00079EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.29 views

CVE-2025-49683

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.

7.8CVSS7.2AI score0.00506EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.29 views

CVE-2025-49686

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.28 views

CVE-2025-49689

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

7.8CVSS6.8AI score0.00087EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.27 views

CVE-2025-47973

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00068EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.27 views

CVE-2025-49723

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.

8.8CVSS6.5AI score0.00052EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.27 views

CVE-2025-49753

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.26 views

CVE-2025-47972

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network.

8CVSS6.5AI score0.00059EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.26 views

CVE-2025-48818

Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.2AI score0.00075EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.26 views

CVE-2025-48823

Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.

5.9CVSS6.1AI score0.0003EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.25 views

CVE-2025-48003

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.2AI score0.00109EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.25 views

CVE-2025-48804

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.3AI score0.00037EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.25 views

CVE-2025-48815

Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00141EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.25 views

CVE-2025-49669

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.25 views

CVE-2025-49670

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

6.5CVSS7.5AI score0.00064EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.25 views

CVE-2025-49716

Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.

7.5CVSS6.4AI score0.01849EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.25 views

CVE-2025-49722

Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.

5.7CVSS6.5AI score0.00666EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.25 views

CVE-2025-49760

External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.

3.5CVSS6.5AI score0.00058EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.24 views

CVE-2025-48001

Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.2AI score0.00075EPSS
Total number of security vulnerabilities1172