Latest CVE Feed
-
7.8
HIGHCVE-2025-49742
Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Jul. 08, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-49740
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jul. 08, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Misconfiguration
-
8.8
HIGHCVE-2025-49739
Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.... Read more
Affected Products : visual_studio_2017 visual_studio_2019 visual_studio visual_studio_2022 visual_studio_2015- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-49738
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : pc_manager- Published: Jul. 08, 2025
- Modified: Jul. 23, 2025
- Vuln Type: Authorization
-
7.0
HIGHCVE-2025-49737
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : teams- Published: Jul. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Race Condition
-
8.1
HIGHCVE-2025-49735
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-49733
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-49732
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
3.1
LOWCVE-2025-49731
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products : teams- Published: Jul. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-49730
Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Race Condition
-
8.8
HIGHCVE-2025-49729
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
7.0
HIGHCVE-2025-49727
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-49726
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-49725
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-49724
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-49723
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Authorization
-
5.7
MEDIUMCVE-2025-49722
Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-49721
Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-49719
Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2025-49718
Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Information Disclosure