Search
Search Results (314701 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59199 | 2025-10-18 | 7.8 High | ||
| Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55695 | 2025-10-18 | 5.5 Medium | ||
| Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-10243 | 1 Ivanti | 1 Endpoint Manager Mobile | 2025-10-18 | 7.2 High |
| OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
| CVE-2025-10242 | 1 Ivanti | 1 Endpoint Manager Mobile | 2025-10-18 | 7.2 High |
| OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
| CVE-2025-55339 | 2025-10-18 | 7.8 High | ||
| Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50175 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more | 2025-10-18 | 7.8 High |
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53150 | 2025-10-18 | 7.8 High | ||
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-58720 | 2025-10-18 | 7.8 High | ||
| Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-53139 | 2025-10-18 | 7.7 High | ||
| Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2025-33073 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-18 | 8.8 High |
| Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-62640 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62639 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62638 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62637 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62636 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62635 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62634 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62633 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62632 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-11549 | 1 Tenda | 2 W12, W12 Firmware | 2025-10-18 | 8.8 High |
| A vulnerability has been found in Tenda W12 3.0.0.6(3948). The affected element is the function wifiMacFilterSet of the file /goform/modules of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. | ||||