Search
Search Results (315405 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55697 | 1 Microsoft | 5 Azure, Azure Cli, Windows Server and 2 more | 2025-10-23 | 7.8 High |
| Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55694 | 1 Microsoft | 5 Windows, Windows 11, Windows Server and 2 more | 2025-10-23 | 7.8 High |
| Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-60535 | 1 Wallosapp | 1 Wallos | 2025-10-23 | 7.3 High |
| A Cross-Site Request Forgery (CSRF) in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request. | ||||
| CVE-2025-59248 | 1 Microsoft | 3 Exchange, Exchange Server, Exchange Srv | 2025-10-23 | 7.5 High |
| Improper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59192 | 1 Microsoft | 18 Windows, Windows 10, Windows 10 1507 and 15 more | 2025-10-23 | 7.8 High |
| Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59210 | 1 Microsoft | 6 Windows, Windows 11, Windows 11 24h2 and 3 more | 2025-10-23 | 7.4 High |
| Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | ||||
| CVE-2025-59198 | 1 Microsoft | 11 Windows, Windows 10, Windows 11 and 8 more | 2025-10-23 | 5 Medium |
| Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally. | ||||
| CVE-2025-60540 | 1 Karakeep | 1 Karakeep | 2025-10-23 | 6.5 Medium |
| karakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery (SSRF). | ||||
| CVE-2025-55690 | 1 Microsoft | 4 Windows, Windows 11, Windows Server and 1 more | 2025-10-23 | 7 High |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59241 | 1 Microsoft | 4 Windows, Windows 11, Windows 11 24h2 and 1 more | 2025-10-23 | 7.8 High |
| Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59221 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-10-23 | 7 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-58734 | 1 Microsoft | 17 Windows, Windows 10 1507, Windows 10 1607 and 14 more | 2025-10-23 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59184 | 1 Microsoft | 6 Windows Server, Windows Server 2016, Windows Server 2019 and 3 more | 2025-10-23 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-58724 | 1 Microsoft | 5 Azure, Azure Agent, Azure Arc and 2 more | 2025-10-23 | 7.8 High |
| Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59222 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-10-23 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-55698 | 1 Microsoft | 5 Directx, Windows, Windows 11 and 2 more | 2025-10-23 | 7.7 High |
| Null pointer dereference in Windows DirectX allows an authorized attacker to deny service over a network. | ||||
| CVE-2025-55247 | 3 Linux, Microsoft, Redhat | 3 Linux Kernel, .net, Enterprise Linux | 2025-10-23 | 7.3 High |
| Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55693 | 1 Microsoft | 4 Windows, Windows 11, Windows Server and 1 more | 2025-10-23 | 7.4 High |
| Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-55695 | 1 Microsoft | 10 Windows, Windows 10, Windows 11 and 7 more | 2025-10-23 | 5.5 Medium |
| Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-60536 | 1 Provectus | 1 Kafka-ui | 2025-10-23 | 7.5 High |
| An issue in the Configure New Cluster interface of kafka-ui v0.6.0 to v0.7.2 allows attackers to cause a Denial of Service (DoS) via uploading a crafted configuration file. | ||||