Total
290937 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29803 | 2025-04-16 | 7.3 High | ||
| Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27739 | 2025-04-16 | 7.8 High | ||
| Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27738 | 2025-04-16 | 6.5 Medium | ||
| Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network. | ||||
| CVE-2025-27737 | 2025-04-16 | 8.6 High | ||
| Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2025-27736 | 2025-04-16 | 5.5 Medium | ||
| Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-27735 | 2025-04-16 | 6 Medium | ||
| Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally. | ||||
| CVE-2025-27733 | 2025-04-16 | 7.8 High | ||
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-27732 | 2025-04-16 | 7 High | ||
| Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27730 | 2025-04-16 | 7.8 High | ||
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27731 | 2025-04-16 | 7.8 High | ||
| Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27728 | 2025-04-16 | 7.8 High | ||
| Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27729 | 2025-04-16 | 7.8 High | ||
| Use after free in Windows Shell allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-27727 | 2025-04-16 | 7.8 High | ||
| Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27490 | 2025-04-16 | 7.8 High | ||
| Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27491 | 2025-04-16 | 7.1 High | ||
| Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-27492 | 2025-04-16 | 7 High | ||
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27486 | 2025-04-16 | 7.5 High | ||
| Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2025-27489 | 2025-04-16 | 7.8 High | ||
| Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27487 | 2025-04-16 | 8 High | ||
| Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-27483 | 2025-04-16 | 7.8 High | ||
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||||