Windows
Products
10- 27 CVEs
- 3 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
38| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41089 | Cri | 0.64 | 9.8 | 0.72 | May 12, 2026 | Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. | ||
| CVE-2026-40408 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-26168 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-33100 | Hig | 0.46 | 7.0 | 0.00 | Apr 14, 2026 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-33099 | Hig | 0.46 | 7.0 | 0.00 | Apr 14, 2026 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-32082 | Hig | 0.46 | 7.0 | 0.00 | Apr 14, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-27917 | Hig | 0.46 | 7.0 | 0.00 | Apr 14, 2026 | Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-26182 | Hig | 0.46 | 7.0 | 0.00 | Apr 14, 2026 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-26177 | Hig | 0.46 | 7.0 | 0.00 | Apr 14, 2026 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-26173 | Hig | 0.46 | 7.0 | 0.00 | Apr 14, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-32216 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2026 | Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally. | ||
| CVE-2024-31941 | Med | 0.35 | 5.4 | 0.00 | Apr 15, 2024 | Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Media Player.This issue affects CP Media Player: from n/a through 1.1.3. | ||
| CVE-2026-20928 | Med | 0.30 | 4.6 | 0.00 | Apr 14, 2026 | Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack. | ||
| CVE-2025-21418 | 0.13 | — | 0.01 | KEV | Feb 11, 2025 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | ||
| CVE-2025-32709 | 0.12 | — | 0.02 | KEV | May 13, 2025 | Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2023-21768 | 0.09 | — | 0.65 | Jan 10, 2023 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||
| CVE-2006-6601 | 0.04 | — | 0.17 | Dec 15, 2006 | Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a .MID (MIDI) file with a malformed header chunk without any track chunks, possibly involving (1) number of tracks of (2) time division fields… | |||
| CVE-2023-28218 | 0.02 | — | 0.12 | Apr 11, 2023 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||
| CVE-2021-38629 | 0.02 | — | 0.02 | Sep 15, 2021 | Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | |||
| CVE-2009-4310 | 0.02 | — | 0.24 | Dec 13, 2009 | Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to… |
- risk 0.64cvss 9.8epss 0.72
Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.36cvss 5.5epss 0.00
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally.
- risk 0.35cvss 5.4epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Media Player.This issue affects CP Media Player: from n/a through 1.1.3.
- risk 0.30cvss 4.6epss 0.00
Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.
- risk 0.13cvss —epss 0.01
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.02
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2023-21768Jan 10, 2023risk 0.09cvss —epss 0.65
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
- CVE-2006-6601Dec 15, 2006risk 0.04cvss —epss 0.17
Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a .MID (MIDI) file with a malformed header chunk without any track chunks, possibly involving (1) number of tracks of (2) time division fields…
- CVE-2023-28218Apr 11, 2023risk 0.02cvss —epss 0.12
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
- CVE-2021-38629Sep 15, 2021risk 0.02cvss —epss 0.02
Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability
- CVE-2009-4310Dec 13, 2009risk 0.02cvss —epss 0.24
Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to…