Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.
Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.
Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally.
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network.