Search Results (1935 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-59187 1 Microsoft 30 Windows, Windows 10, Windows 10 1507 and 27 more 2026-02-22 7.8 High
Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-55696 1 Microsoft 22 Windows, Windows 10, Windows 10 1809 and 19 more 2026-02-22 7.8 High
Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally.
CVE-2025-68924 1 Umbraco 2 Forms, Umbraco Forms 2026-02-20 7.5 High
In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.
CVE-2025-54114 1 Microsoft 16 Windows 10 1607, Windows 10 21h2, Windows 10 21h2 and 13 more 2026-02-20 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
CVE-2025-53801 1 Microsoft 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more 2026-02-20 7.8 High
Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally.
CVE-2025-54905 1 Microsoft 14 365 Apps, Office, Office 2019 and 11 more 2026-02-20 7.1 High
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2025-60728 1 Microsoft 8 365, 365 Apps, Office and 5 more 2026-02-13 4.3 Medium
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CVE-2025-60708 1 Microsoft 22 Windows, Windows 10, Windows 10 1607 and 19 more 2026-02-13 6.5 Medium
Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.
CVE-2025-21381 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-02-13 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21358 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2026-02-13 7.8 High
Windows Core Messaging Elevation of Privileges Vulnerability
CVE-2025-24084 1 Microsoft 10 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 7 more 2026-02-13 8.4 High
Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.
CVE-2025-24083 1 Microsoft 9 365 Apps, Office, Office 2016 and 6 more 2026-02-13 7.8 High
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-29812 1 Microsoft 10 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 7 more 2026-02-13 7.8 High
Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
CVE-2025-27739 1 Microsoft 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more 2026-02-13 7.8 High
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-27747 1 Microsoft 14 365 Apps, Office, Office 2019 and 11 more 2026-02-13 7.8 High
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-30381 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-02-13 7.8 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-47999 1 Microsoft 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more 2026-02-13 6.8 Medium
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
CVE-2025-47982 1 Microsoft 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more 2026-02-13 7.8 High
Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-49751 1 Microsoft 25 Hyper-v, Server, Windows and 22 more 2026-02-13 6.8 Medium
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
CVE-2025-54152 2 Qnap, Qnap Systems 2 Qsync Central, Qsync Central 2026-02-12 6.5 Medium
A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read sensitive portions of memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later