Windows Kernel
by Microsoft
CVEs (304)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-38106 | 0.12 | — | 0.06 | KEV | Aug 13, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2007-0069 | 0.04 | — | 0.49 | Jan 8, 2008 | Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption, aka… | |||
| CVE-2024-21345 | 0.03 | — | 0.20 | Feb 13, 2024 | Windows Kernel Elevation of Privilege Vulnerability | |||
| CVE-2015-1680 | 0.03 | — | 0.03 | May 13, 2015 | The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via… | |||
| CVE-2007-0066 | 0.03 | — | 0.32 | Jan 8, 2008 | The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel… | |||
| CVE-2026-24289 | 0.00 | — | 0.04 | Mar 10, 2026 | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | |||
| CVE-2026-21245 | 0.00 | — | 0.00 | Feb 10, 2026 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-55699 | 0.00 | — | 0.00 | Oct 14, 2025 | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | |||
| CVE-2025-59207 | 0.00 | — | 0.00 | Oct 14, 2025 | Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-53804 | 0.00 | — | 0.01 | Sep 9, 2025 | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | |||
| CVE-2025-49666 | 0.00 | — | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network. | |||
| CVE-2025-48809 | 0.00 | — | 0.00 | Jul 8, 2025 | Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally. | |||
| CVE-2025-48808 | 0.00 | — | 0.00 | Jul 8, 2025 | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | |||
| CVE-2025-26636 | 0.00 | — | 0.00 | Jul 8, 2025 | Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally. | |||
| CVE-2025-29974 | 0.00 | — | 0.01 | May 13, 2025 | Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. | |||
| CVE-2025-21323 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows Kernel Memory Information Disclosure Vulnerability | |||
| CVE-2025-21321 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows Kernel Memory Information Disclosure Vulnerability | |||
| CVE-2024-43630 | 0.00 | — | 0.04 | Nov 12, 2024 | Windows Kernel Elevation of Privilege Vulnerability | |||
| CVE-2024-43623 | 0.00 | — | 0.04 | Nov 12, 2024 | Windows NT OS Kernel Elevation of Privilege Vulnerability | |||
| CVE-2024-43570 | 0.00 | — | 0.01 | Oct 8, 2024 | Windows Kernel Elevation of Privilege Vulnerability |
- risk 0.12cvss —epss 0.06
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2007-0069Jan 8, 2008risk 0.04cvss —epss 0.49
Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption, aka…
- CVE-2024-21345Feb 13, 2024risk 0.03cvss —epss 0.20
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2015-1680May 13, 2015risk 0.03cvss —epss 0.03
The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via…
- CVE-2007-0066Jan 8, 2008risk 0.03cvss —epss 0.32
The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel…
- CVE-2026-24289Mar 10, 2026risk 0.00cvss —epss 0.04
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
- CVE-2026-21245Feb 10, 2026risk 0.00cvss —epss 0.00
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
- CVE-2025-55699Oct 14, 2025risk 0.00cvss —epss 0.00
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
- CVE-2025-59207Oct 14, 2025risk 0.00cvss —epss 0.00
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
- CVE-2025-53804Sep 9, 2025risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
- CVE-2025-49666Jul 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.
- CVE-2025-48809Jul 8, 2025risk 0.00cvss —epss 0.00
Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
- CVE-2025-48808Jul 8, 2025risk 0.00cvss —epss 0.00
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
- CVE-2025-26636Jul 8, 2025risk 0.00cvss —epss 0.00
Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
- CVE-2025-29974May 13, 2025risk 0.00cvss —epss 0.01
Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.
- CVE-2025-21323Jan 14, 2025risk 0.00cvss —epss 0.01
Windows Kernel Memory Information Disclosure Vulnerability
- CVE-2025-21321Jan 14, 2025risk 0.00cvss —epss 0.01
Windows Kernel Memory Information Disclosure Vulnerability
- CVE-2024-43630Nov 12, 2024risk 0.00cvss —epss 0.04
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2024-43623Nov 12, 2024risk 0.00cvss —epss 0.04
Windows NT OS Kernel Elevation of Privilege Vulnerability
- CVE-2024-43570Oct 8, 2024risk 0.00cvss —epss 0.01
Windows Kernel Elevation of Privilege Vulnerability
Page 14 of 16