Search
Search Results (314702 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48813 | 2025-10-18 | 6.3 Medium | ||
| Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2025-59193 | 2025-10-18 | 7 High | ||
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59192 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-18 | 7.8 High |
| Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59241 | 1 Microsoft | 2 Windows 11 24h2, Windows 11 25h2 | 2025-10-18 | 7.8 High |
| Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59199 | 2025-10-18 | 7.8 High | ||
| Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55695 | 2025-10-18 | 5.5 Medium | ||
| Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-10243 | 1 Ivanti | 1 Endpoint Manager Mobile | 2025-10-18 | 7.2 High |
| OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
| CVE-2025-10242 | 1 Ivanti | 1 Endpoint Manager Mobile | 2025-10-18 | 7.2 High |
| OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
| CVE-2025-55339 | 2025-10-18 | 7.8 High | ||
| Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50175 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more | 2025-10-18 | 7.8 High |
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53150 | 2025-10-18 | 7.8 High | ||
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-58720 | 2025-10-18 | 7.8 High | ||
| Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-53139 | 2025-10-18 | 7.7 High | ||
| Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2025-33073 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-18 | 8.8 High |
| Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-62640 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62639 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62638 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62637 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62636 | 2025-10-18 | N/A | ||
| Not used | ||||
| CVE-2025-62635 | 2025-10-18 | N/A | ||
| Not used | ||||