Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-47168 | Hig | 0.51 | 7.8 | 0.01 | Jun 10, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-33075 | Hig | 0.51 | 7.8 | 0.01 | Jun 10, 2025 | Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-32718 | Hig | 0.51 | 7.8 | 0.00 | Jun 10, 2025 | Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-32716 | Hig | 0.51 | 7.8 | 0.00 | Jun 10, 2025 | Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-32714 | Hig | 0.51 | 7.8 | 0.01 | Jun 10, 2025 | Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-32713 | Hig | 0.51 | 7.8 | 0.01 | Jun 10, 2025 | Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-32712 | Hig | 0.51 | 7.8 | 0.00 | Jun 10, 2025 | Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-32707 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-32705 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-32702 | Hig | 0.51 | 7.8 | 0.01 | May 13, 2025 | Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30393 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30388 | Hig | 0.51 | 7.8 | 0.03 | May 13, 2025 | Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30385 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-30383 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30382 | Hig | 0.51 | 7.8 | 0.02 | May 13, 2025 | Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30381 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30379 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30376 | Hig | 0.51 | 7.8 | 0.01 | May 13, 2025 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-30375 | Hig | 0.51 | 7.8 | 0.01 | May 13, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-29979 | Hig | 0.51 | 7.8 | 0.01 | May 13, 2025 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-29978 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-29977 | Hig | 0.51 | 7.8 | 0.01 | May 13, 2025 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-29976 | Hig | 0.51 | 7.8 | 0.01 | May 13, 2025 | Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29975 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29970 | Hig | 0.51 | 7.8 | 0.00 | May 13, 2025 | Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-24063 | Hig | 0.51 | 7.8 | 0.01 | May 13, 2025 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29823 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-29822 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally. | ||
| CVE-2025-29820 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-29812 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29811 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29801 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29800 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29791 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-27752 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-27750 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-27749 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-27748 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-27747 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-27746 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-27745 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-27744 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27743 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Untrusted search path in System Center allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27741 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-27739 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27733 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-27731 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27730 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27729 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Use after free in Windows Shell allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-27728 | Hig | 0.51 | 7.8 | 0.01 | Apr 8, 2025 | Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. |
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.03
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.02
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Windows Shell allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
Page 63 of 287