Search
Search Results (314223 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49708 | 2025-10-14 | 9.9 Critical | ||
| Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-59243 | 2025-10-14 | 7.8 High | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59249 | 2025-10-14 | 8.8 High | ||
| Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-59250 | 2025-10-14 | 8.1 High | ||
| Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59254 | 2025-10-14 | 7.8 High | ||
| Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59255 | 2025-10-14 | 7.8 High | ||
| Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-48813 | 2025-10-14 | 6.3 Medium | ||
| Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2025-25004 | 2025-10-14 | 7.3 High | ||
| Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53717 | 2025-10-14 | 7 High | ||
| Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50152 | 2025-10-14 | 7.8 High | ||
| Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53150 | 2025-10-14 | 7.8 High | ||
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50175 | 2025-10-14 | 7.8 High | ||
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53139 | 2025-10-14 | 7.7 High | ||
| Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2025-2364 | 1 Lenve | 1 Vblog | 2025-10-14 | 3.5 Low |
| A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. The manipulation of the argument mdContent/htmlContent leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-53768 | 2025-10-14 | 7.8 High | ||
| Use after free in Xbox allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55692 | 2025-10-14 | 7.8 High | ||
| Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55693 | 2025-10-14 | 7.4 High | ||
| Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-55694 | 2025-10-14 | 7.8 High | ||
| Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55696 | 2025-10-14 | 7.8 High | ||
| Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55697 | 2025-10-14 | 7.8 High | ||
| Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally. | ||||