Lucene search

K
MicrosoftWindows Server 2022 23h2*

1172 matches found

CVE
CVE
added 2025/07/08 5:15 p.m.24 views

CVE-2025-48800

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.2AI score0.00109EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.24 views

CVE-2025-49659

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.24 views

CVE-2025-49684

Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.

5.5CVSS6.2AI score0.00048EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-47976

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-47978

Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network.

6.5CVSS6.4AI score0.00132EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-47982

Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00086EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-47984

Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.

7.5CVSS6.1AI score0.00135EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-47986

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

8.8CVSS7AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-48802

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.

6.5CVSS6.4AI score0.0006EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-48814

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.

7.5CVSS6.9AI score0.00107EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-48819

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

7.1CVSS6.5AI score0.00376EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-49661

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-49668

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-49682

Use after free in Windows Media allows an authorized attacker to elevate privileges locally.

7.3CVSS7AI score0.00067EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.23 views

CVE-2025-49685

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

7CVSS6.9AI score0.00052EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.23 views

CVE-2025-49726

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-47980

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

6.2CVSS6AI score0.00056EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-47985

Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-47987

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00078EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-47996

Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00078EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-47999

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.

6.8CVSS6.5AI score0.00443EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-48803

Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

6.7CVSS6.5AI score0.00036EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-48805

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

7.8CVSS7.3AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-48806

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

7.8CVSS7.3AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-48808

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.

5.5CVSS6AI score0.0005EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-48816

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.8AI score0.00078EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-48820

Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00064EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-48821

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

7.1CVSS7AI score0.00306EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49657

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49658

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.

5.5CVSS6.1AI score0.00048EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49663

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49666

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.

7.2CVSS7.4AI score0.00108EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49671

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.1AI score0.00064EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49674

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49675

Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.9AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49678

Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.

7CVSS6.5AI score0.00047EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49679

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00141EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49681

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.2AI score0.00064EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.22 views

CVE-2025-49694

Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

7.8CVSS6.4AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.22 views

CVE-2025-49725

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.22 views

CVE-2025-49729

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.22 views

CVE-2025-49730

Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.

7.8CVSS6.4AI score0.01025EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.22 views

CVE-2025-49732

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.22 views

CVE-2025-49733

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:16 p.m.22 views

CVE-2025-49742

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.

7.8CVSS7.1AI score0.00078EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.21 views

CVE-2025-47975

Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

7CVSS6.6AI score0.00052EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.21 views

CVE-2025-49660

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.21 views

CVE-2025-49664

Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.

5.5CVSS6AI score0.0005EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.21 views

CVE-2025-49667

Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

7.8CVSS6.6AI score0.00057EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.21 views

CVE-2025-49673

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
Total number of security vulnerabilities1172