Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.7

    MEDIUM
    CVE-2025-54094

    Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 7.0

    HIGH
    CVE-2025-54093

    Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 7.8

    HIGH
    CVE-2025-54092

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 7.8

    HIGH
    CVE-2025-54091

    Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 6.7

    MEDIUM
    CVE-2025-53810

    Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 6.5

    MEDIUM
    CVE-2025-53809

    Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 6.7

    MEDIUM
    CVE-2025-53808

    Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 7.0

    HIGH
    CVE-2025-53807

    Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 6.5

    MEDIUM
    CVE-2025-53806

    Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 7.5

    HIGH
    CVE-2025-53805

    Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 5.5

    MEDIUM
    CVE-2025-53804

    Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 5.5

    MEDIUM
    CVE-2025-53803

    Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 7.0

    HIGH
    CVE-2025-53802

    Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 7.8

    HIGH
    CVE-2025-53801

    Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 7.8

    HIGH
    CVE-2025-53800

    No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 5.5

    MEDIUM
    CVE-2025-53799

    Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 6.5

    MEDIUM
    CVE-2025-53798

    Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 6.5

    MEDIUM
    CVE-2025-53797

    Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 6.5

    MEDIUM
    CVE-2025-53796

    Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025

  • 5.3

    MEDIUM
    CVE-2025-53348

    Missing Authorization vulnerability in Laborator Kalium. This issue affects Kalium: from n/a through 3.18.3.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 09, 2025
    • Vuln Type: Authorization
Showing 20 of 293182 Results