Search

Search Results (314418 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-53782 2025-10-15 8.4 High
Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.
CVE-2025-59227 2025-10-15 7.8 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-59234 2025-10-15 7.8 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-59226 2025-10-15 7.8 High
Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
CVE-2025-59238 2025-10-15 7.8 High
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2025-59228 2025-10-15 8.8 High
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-59237 2025-10-15 8.8 High
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-59222 2025-10-15 7.8 High
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-59221 2025-10-15 7 High
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-25004 2025-10-15 7.3 High
Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.
CVE-2025-58718 2025-10-15 8.8 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-58737 2025-10-15 7 High
Use after free in Windows Remote Desktop allows an unauthorized attacker to execute code locally.
CVE-2025-59206 2025-10-15 7.4 High
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
CVE-2025-59287 2025-10-15 9.8 Critical
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
CVE-2025-59213 2025-10-15 8.4 High
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges locally.
CVE-2025-59196 2025-10-15 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVE-2025-59285 2025-10-15 7 High
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2025-59494 2025-10-15 7.8 High
Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2025-58726 2025-10-15 7.5 High
Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2025-58724 2025-10-15 7.8 High
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.