Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Use after free in Windows Kernel Mode Driver allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Virtual Hard Disk (VHD) Miniport Driver allows an authorized attacker to elevate privileges locally.
Improper restriction of rendered ui layers or frames in Microsoft Bing App for IOS allows an unauthorized attacker to perform spoofing over a network.
Use after free in Windows Storage allows an authorized attacker to elevate privileges locally.
Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.
Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network.
Missing authentication for critical function in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges locally.
Untrusted search path in Microsoft XML allows an unauthorized attacker to bypass a security feature with a physical attack.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Improper authentication in Windows Admin Center allows an authorized attacker to disclose information over a network.
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network.
Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Missing cryptographic step in Windows CryptoAPI allows an authorized attacker to perform tampering locally.
Improper access control in Windows Remote Help Defense allows an authorized attacker to elevate privileges locally.