Search
Search Results (314562 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55690 | 2025-10-16 | 7 High | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55686 | 2025-10-16 | 7 High | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55689 | 2025-10-16 | 7 High | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55684 | 2025-10-16 | 7 High | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55691 | 2025-10-16 | 7 High | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55688 | 2025-10-16 | 7 High | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59202 | 2025-10-16 | 7 High | ||
| Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-11021 | 1 Redhat | 1 Enterprise Linux | 2025-10-15 | 7.5 High |
| A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup. | ||||
| CVE-2025-59227 | 2025-10-15 | 7.8 High | ||
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-58724 | 2025-10-15 | 7.8 High | ||
| Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59228 | 2025-10-15 | 8.8 High | ||
| Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-59223 | 2025-10-15 | 7.8 High | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59214 | 2025-10-15 | 6.5 Medium | ||
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59286 | 1 Microsoft | 3 365, 365 Copilot, 365 Copilot Chat | 2025-10-15 | 6.5 Medium |
| Copilot Spoofing Vulnerability | ||||
| CVE-2025-55321 | 1 Microsoft | 1 Azure Monitor | 2025-10-15 | 8.7 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59272 | 1 Microsoft | 3 365, 365 Copilot, 365 Copilot Chat | 2025-10-15 | 6.5 Medium |
| Copilot Spoofing Vulnerability | ||||
| CVE-2025-59271 | 2025-10-15 | 8.7 High | ||
| Redis Enterprise Elevation of Privilege Vulnerability | ||||
| CVE-2025-59252 | 1 Microsoft | 2 365, 365 Copilot | 2025-10-15 | 6.5 Medium |
| M365 Copilot Spoofing Vulnerability | ||||
| CVE-2025-59247 | 1 Microsoft | 2 Azure, Azure Playfab | 2025-10-15 | 8.8 High |
| Azure PlayFab Elevation of Privilege Vulnerability | ||||
| CVE-2025-59246 | 1 Microsoft | 1 Entra Id | 2025-10-15 | 9.8 Critical |
| Azure Entra ID Elevation of Privilege Vulnerability | ||||