Search

Expected end of text, found '.' (at char 8), (line:1, col:9)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (314263 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-58717 2025-10-14 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-58716 2025-10-14 8.8 High
Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
CVE-2025-58715 2025-10-14 8.8 High
Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
CVE-2025-55701 2025-10-14 7.8 High
Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally.
CVE-2025-55700 2025-10-14 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-55689 2025-10-14 7 High
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55686 2025-10-14 7 High
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55685 2025-10-14 7 High
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55681 2025-10-14 7 High
Out-of-bounds read in Windows DWM allows an authorized attacker to elevate privileges locally.
CVE-2025-55677 2025-10-14 7.8 High
Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
CVE-2025-55676 2025-10-14 5.5 Medium
Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally.
CVE-2025-55340 2025-10-14 7 High
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
CVE-2025-55339 2025-10-14 7.8 High
Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally.
CVE-2025-55338 2025-10-14 6.1 Medium
Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2025-55336 2025-10-14 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally.
CVE-2025-55335 2025-10-14 7.4 High
Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
CVE-2025-55333 2025-10-14 6.1 Medium
Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2025-55325 2025-10-14 5.5 Medium
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-24052 2025-10-14 7.8 High
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware.
CVE-2025-50174 2025-10-14 7 High
Use after free in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.