| Tag |
CVE ID |
CVE Title |
Severity |
| .NET |
CVE-2025-55247 |
.NET Elevation of Privilege Vulnerability |
Important |
| .NET, .NET Framework, Visual Studio |
CVE-2025-55248 |
.NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability |
Important |
| Active Directory Federation Services |
CVE-2025-59258 |
Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability |
Important |
| Agere Windows Modem Driver |
CVE-2025-24990 |
Windows Agere Modem Driver Elevation of Privilege Vulnerability |
Important |
| Agere Windows Modem Driver |
CVE-2025-24052 |
Windows Agere Modem Driver Elevation of Privilege Vulnerability |
Important |
| AMD Restricted Memory Page |
CVE-2025-0033 |
AMD CVE-2025-0033: RMP Corruption During SNP Initialization |
Critical |
| ASP.NET Core |
CVE-2025-55315 |
ASP.NET Security Feature Bypass Vulnerability |
Important |
| Azure Connected Machine Agent |
CVE-2025-47989 |
Azure Connected Machine Agent Elevation of Privilege Vulnerability |
Important |
| Azure Connected Machine Agent |
CVE-2025-58724 |
Arc Enabled Servers – Azure Connected Machine Agent Elevation of Privilege Vulnerability |
Important |
| Azure Entra ID |
CVE-2025-59218 |
Azure Entra ID Elevation of Privilege Vulnerability |
Critical |
| Azure Entra ID |
CVE-2025-59246 |
Azure Entra ID Elevation of Privilege Vulnerability |
Critical |
| Azure Local |
CVE-2025-55697 |
Azure Local Elevation of Privilege Vulnerability |
Important |
| Azure Monitor |
CVE-2025-55321 |
Azure Monitor Log Analytics Spoofing Vulnerability |
Critical |
| Azure Monitor Agent |
CVE-2025-59285 |
Azure Monitor Agent Elevation of Privilege Vulnerability |
Important |
| Azure Monitor Agent |
CVE-2025-59494 |
Azure Monitor Agent Elevation of Privilege Vulnerability |
Important |
| Azure PlayFab |
CVE-2025-59247 |
Azure PlayFab Elevation of Privilege Vulnerability |
Critical |
| Confidential Azure Container Instances |
CVE-2025-59292 |
Azure Compute Gallery Elevation of Privilege Vulnerability |
Critical |
| Confidential Azure Container Instances |
CVE-2025-59291 |
Confidential Azure Container Instances Elevation of Privilege Vulnerability |
Critical |
| Connected Devices Platform Service (Cdpsvc) |
CVE-2025-59191 |
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability |
Important |
| Connected Devices Platform Service (Cdpsvc) |
CVE-2025-55326 |
Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution Vulnerability |
Important |
| Connected Devices Platform Service (Cdpsvc) |
CVE-2025-58719 |
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability |
Important |
| Copilot |
CVE-2025-59272 |
Copilot Spoofing Vulnerability |
Critical |
| Copilot |
CVE-2025-59252 |
M365 Copilot Spoofing Vulnerability |
Critical |
| Copilot |
CVE-2025-59286 |
Copilot Spoofing Vulnerability |
Critical |
| Data Sharing Service Client |
CVE-2025-59200 |
Data Sharing Service Spoofing Vulnerability |
Important |
| Games |
CVE-2025-59489 |
MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerability |
Important |
| GitHub |
CVE-2025-59288 |
Playwright Spoofing Vulnerability |
Moderate |
| Inbox COM Objects |
CVE-2025-58735 |
Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
Important |
| Inbox COM Objects |
CVE-2025-58732 |
Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
Important |
| Inbox COM Objects |
CVE-2025-59282 |
Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
Important |
| Inbox COM Objects |
CVE-2025-58733 |
Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
Important |
| Inbox COM Objects |
CVE-2025-58734 |
Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
Important |
| Inbox COM Objects |
CVE-2025-58738 |
Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
Important |
| Inbox COM Objects |
CVE-2025-58731 |
Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
Important |
| Inbox COM Objects |
CVE-2025-58730 |
Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
Important |
| Inbox COM Objects |
CVE-2025-58736 |
Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
Important |
| Internet Explorer |
CVE-2025-59295 |
Windows URL Parsing Remote Code Execution Vulnerability |
Important |
| JDBC Driver for SQL Server |
CVE-2025-59250 |
JDBC Driver for SQL Server Spoofing Vulnerability |
Important |
| Mariner |
CVE-2025-39943 |
ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer |
Critical |
| Mariner |
CVE-2025-39946 |
tls: make sure to abort the stream if headers are bogus |
Moderate |
| Mariner |
CVE-2025-39942 |
ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size |
Moderate |
| Mariner |
CVE-2025-39951 |
um: virtio_uml: Fix use-after-free after put_device in probe |
Moderate |
| Mariner |
CVE-2025-39932 |
smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) |
Moderate |
| Mariner |
CVE-2025-39949 |
qed: Don’t collect too many protection override GRC elements |
Moderate |
| Mariner |
CVE-2025-39937 |
net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer |
Moderate |
| Mariner |
CVE-2025-39955 |
tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). |
Moderate |
| Mariner |
CVE-2025-39895 |
sched: Fix sched_numa_find_nth_cpu() if mask offline |
Moderate |
| Mariner |
CVE-2025-11413 |
GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds |
Moderate |
| Mariner |
CVE-2025-11414 |
GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds |
Moderate |
| Mariner |
CVE-2025-39938 |
ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed |
Moderate |
| Mariner |
CVE-2025-11495 |
GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow |
Moderate |
| Mariner |
CVE-2025-39934 |
drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ |
Moderate |
| Mariner |
CVE-2025-39929 |
smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path |
Moderate |
| Mariner |
CVE-2025-39945 |
cnic: Fix use-after-free bugs in cnic_delete_task |
Important |
| Mariner |
CVE-2025-39907 |
mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer |
Critical |
| Mariner |
CVE-2025-39913 |
tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. |
Moderate |
| Mariner |
CVE-2025-39952 |
wifi: wilc1000: avoid buffer overflow in WID string configuration |
Important |
| Mariner |
CVE-2025-39940 |
dm-stripe: fix a possible integer overflow |
Moderate |
| Mariner |
CVE-2025-39953 |
cgroup: split cgroup_destroy_wq into 3 workqueues |
Moderate |
| Mariner |
CVE-2023-53469 |
af_unix: Fix null-ptr-deref in unix_stream_sendpage(). |
Important |
| Mariner |
CVE-2025-39914 |
tracing: Silence warning when chunk allocation fails in trace_pid_write |
Moderate |
| Mariner |
CVE-2025-39905 |
net: phylink: add lock for serializing concurrent pl->phydev writes with resolver |
Moderate |
| Mariner |
CVE-2025-39920 |
pcmcia: Add error handling for add_interval() in do_validate_mem() |
Moderate |
| Mariner |
CVE-2025-39911 |
i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path |
Low |
| Mariner |
CVE-2025-39958 |
iommu/s390: Make attach succeed when the device was surprise removed |
Low |
| Mariner |
CVE-2025-8291 |
ZIP64 End of Central Directory (EOCD) Locator record offset not checked |
Moderate |
| Mariner |
CVE-2025-39957 |
wifi: mac80211: increase scan_ies_len for S1G |
Low |
| Mariner |
CVE-2025-46818 |
Redis: Authenticated users can execute LUA scripts as a different user |
Moderate |
| Mariner |
CVE-2025-46817 |
Lua library commands may lead to integer overflow and potential RCE |
Important |
| Mariner |
CVE-2022-50502 |
mm: /proc/pid/smaps_rollup: fix no vma’s null-deref |
Moderate |
| Mariner |
CVE-2025-39944 |
octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() |
Important |
| Mariner |
CVE-2025-11234 |
Qemu-kvm: vnc websocket handshake use-after-free |
Moderate |
| Mariner |
CVE-2025-49844 |
Redis Lua Use-After-Free may lead to remote code execution |
Critical |
| Mariner |
CVE-2025-10729 |
Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG |
Important |
| Mariner |
CVE-2025-39961 |
iommu/amd/pgtbl: Fix possible race while increase page table level |
Moderate |
| Mariner |
CVE-2025-61984 |
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) |
Low |
| Mariner |
CVE-2025-46819 |
Redis is vulnerable to DoS via specially crafted LUA scripts |
Moderate |
| Mariner |
CVE-2025-37727 |
Elasticsearch Insertion of sensitive information in log file |
Moderate |
| Mariner |
CVE-2025-11412 |
GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds |
Moderate |
| Mariner |
CVE-2025-39931 |
crypto: af_alg – Set merge to zero early in af_alg_sendmsg |
Moderate |
| Mariner |
CVE-2025-39933 |
smb: client: let recv_done verify data_offset, data_length and remaining_data_length |
Moderate |
| Mariner |
CVE-2025-39947 |
net/mlx5e: Harden uplink netdev access against device unbind |
Moderate |
| Mariner |
CVE-2025-61985 |
ssh in OpenSSH before 10.1 allows the ‘\0’ character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. |
Low |
| Mariner |
CVE-2025-10728 |
Uncontrolled recursion in Qt SVG module |
Important |
| Mariner |
CVE-2025-39916 |
mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() |
Moderate |
| Mariner |
CVE-2025-39902 |
mm/slub: avoid accessing metadata when pointer is invalid in object_err() |
Moderate |
| Mariner |
CVE-2025-39923 |
dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees |
Moderate |
| Mariner |
CVE-2025-39898 |
e1000e: fix heap overflow in e1000_set_eeprom |
Critical |
| Mariner |
CVE-2025-39925 |
can: j1939: implement NETDEV_UNREGISTER notification handler |
Critical |
| Mariner |
CVE-2025-39891 |
wifi: mwifiex: Initialize the chan_stats array to zero |
Moderate |
| Mariner |
CVE-2025-39927 |
ceph: fix race condition validating r_parent before applying state |
Moderate |
| Mariner |
CVE-2025-39901 |
i40e: remove read access to debugfs files |
Important |
| Mariner |
CVE-2025-39910 |
mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() |
Critical |
| Mariner |
CVE-2025-39909 |
mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() |
Moderate |
| Microsoft Brokering File System |
CVE-2025-48004 |
Microsoft Brokering File System Elevation of Privilege Vulnerability |
Important |
| Microsoft Brokering File System |
CVE-2025-59189 |
Microsoft Brokering File System Elevation of Privilege Vulnerability |
Important |
| Microsoft Configuration Manager |
CVE-2025-55320 |
Configuration Manager Elevation of Privilege Vulnerability |
Important |
| Microsoft Configuration Manager |
CVE-2025-59213 |
Configuration Manager Elevation of Privilege Vulnerability |
Important |
| Microsoft Defender for Linux |
CVE-2025-59497 |
Microsoft Defender for Linux Denial of Service Vulnerability |
Important |
| Microsoft Edge (Chromium-based) |
CVE-2025-11213 |
Chromium: CVE-2025-11213 Inappropriate implementation in Omnibox |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11210 |
Chromium: CVE-2025-11210 Side-channel information leakage in Tab |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11460 |
Chromium: CVE-2025-11460 Use after free in Storage |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11458 |
Chromium: CVE-2025-11458 Heap buffer overflow in Sync |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11215 |
Chromium: CVE-2025-11215 Off by one error in V8 |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11216 |
Chromium: CVE-2025-11216 Inappropriate implementation in Storage |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11208 |
Chromium: CVE-2025-11208 Inappropriate implementation in Media |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11212 |
Chromium: CVE-2025-11212 Inappropriate implementation in Media |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11211 |
Chromium: CVE-2025-11211 Out of bounds read in Media |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11205 |
Chromium: CVE-2025-11205 Heap buffer overflow in WebGPU |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11207 |
Chromium: CVE-2025-11207 Side-channel information leakage in Storage |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11209 |
Chromium: CVE-2025-11209 Inappropriate implementation in Omnibox |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11206 |
Chromium: CVE-2025-11206 Heap buffer overflow in Video |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2025-11219 |
Chromium: CVE-2025-11219 Use after free in V8 |
Unknown |
| Microsoft Exchange Server |
CVE-2025-59248 |
Microsoft Exchange Server Spoofing Vulnerability |
Important |
| Microsoft Exchange Server |
CVE-2025-59249 |
Microsoft Exchange Server Elevation of Privilege Vulnerability |
Important |
| Microsoft Exchange Server |
CVE-2025-53782 |
Microsoft Exchange Server Elevation of Privilege Vulnerability |
Important |
| Microsoft Failover Cluster Virtual Driver |
CVE-2025-59260 |
Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability |
Important |
| Microsoft Graphics Component |
CVE-2025-59195 |
Microsoft Graphics Component Denial of Service Vulnerability |
Important |
| Microsoft Graphics Component |
CVE-2016-9535 |
MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability |
Critical |
| Microsoft Graphics Component |
CVE-2025-59261 |
Windows Graphics Component Elevation of Privilege Vulnerability |
Important |
| Microsoft Graphics Component |
CVE-2025-49708 |
Microsoft Graphics Component Elevation of Privilege Vulnerability |
Critical |
| Microsoft Graphics Component |
CVE-2025-59205 |
Windows Graphics Component Elevation of Privilege Vulnerability |
Important |
| Microsoft Office |
CVE-2025-59229 |
Microsoft Office Denial of Service Vulnerability |
Important |
| Microsoft Office |
CVE-2025-59227 |
Microsoft Office Remote Code Execution Vulnerability |
Critical |
| Microsoft Office |
CVE-2025-59234 |
Microsoft Office Remote Code Execution Vulnerability |
Critical |
| Microsoft Office Excel |
CVE-2025-59223 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
| Microsoft Office Excel |
CVE-2025-59224 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
| Microsoft Office Excel |
CVE-2025-59225 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
| Microsoft Office Excel |
CVE-2025-59232 |
Microsoft Excel Information Disclosure Vulnerability |
Important |
| Microsoft Office Excel |
CVE-2025-59235 |
Microsoft Excel Information Disclosure Vulnerability |
Important |
| Microsoft Office Excel |
CVE-2025-59233 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
| Microsoft Office Excel |
CVE-2025-59231 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
| Microsoft Office Excel |
CVE-2025-59236 |
Microsoft Excel Remote Code Execution Vulnerability |
Critical |
| Microsoft Office Excel |
CVE-2025-59243 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
| Microsoft Office PowerPoint |
CVE-2025-59238 |
Microsoft PowerPoint Remote Code Execution Vulnerability |
Important |
| Microsoft Office SharePoint |
CVE-2025-59237 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Important |
| Microsoft Office SharePoint |
CVE-2025-59228 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Important |
| Microsoft Office Visio |
CVE-2025-59226 |
Microsoft Office Visio Remote Code Execution Vulnerability |
Important |
| Microsoft Office Word |
CVE-2025-59222 |
Microsoft Word Remote Code Execution Vulnerability |
Important |
| Microsoft Office Word |
CVE-2025-59221 |
Microsoft Word Remote Code Execution Vulnerability |
Important |
| Microsoft PowerShell |
CVE-2025-25004 |
PowerShell Elevation of Privilege Vulnerability |
Important |
| Microsoft Windows |
CVE-2025-55701 |
Windows Authentication Elevation of Privilege Vulnerability |
Important |
| Microsoft Windows Codecs Library |
CVE-2025-54957 |
MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoder |
Important |
| Microsoft Windows Search Component |
CVE-2025-59198 |
Windows Search Service Denial of Service Vulnerability |
Important |
| Microsoft Windows Search Component |
CVE-2025-59190 |
Windows Search Service Denial of Service Vulnerability |
Important |
| Microsoft Windows Search Component |
CVE-2025-59253 |
Windows Search Service Denial of Service Vulnerability |
Important |
| Microsoft Windows Speech |
CVE-2025-58715 |
Windows Speech Runtime Elevation of Privilege Vulnerability |
Important |
| Microsoft Windows Speech |
CVE-2025-58716 |
Windows Speech Runtime Elevation of Privilege Vulnerability |
Important |
| Network Connection Status Indicator (NCSI) |
CVE-2025-59201 |
Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability |
Important |
| NtQueryInformation Token function (ntifs.h) |
CVE-2025-55696 |
NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability |
Important |
| Redis Enterprise |
CVE-2025-59271 |
Redis Enterprise Elevation of Privilege Vulnerability |
Critical |
| Remote Desktop Client |
CVE-2025-58718 |
Remote Desktop Client Remote Code Execution Vulnerability |
Important |
| Software Protection Platform (SPP) |
CVE-2025-59199 |
Software Protection Platform (SPP) Elevation of Privilege Vulnerability |
Important |
| Storport.sys Driver |
CVE-2025-59192 |
Storport.sys Driver Elevation of Privilege Vulnerability |
Important |
| TCG TPM2.0 |
CVE-2025-2884 |
Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation |
Important |
| Virtual Secure Mode |
CVE-2025-48813 |
Virtual Secure Mode Spoofing Vulnerability |
Important |
| Visual Studio |
CVE-2025-55240 |
Visual Studio Elevation of Privilege Vulnerability |
Important |
| Visual Studio |
CVE-2025-54132 |
GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool |
Important |
| Windows Ancillary Function Driver for WinSock |
CVE-2025-58714 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Important |
| Windows Ancillary Function Driver for WinSock |
CVE-2025-59242 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Important |
| Windows Authentication Methods |
CVE-2025-59277 |
Windows Authentication Elevation of Privilege Vulnerability |
Important |
| Windows Authentication Methods |
CVE-2025-59278 |
Windows Authentication Elevation of Privilege Vulnerability |
Important |
| Windows Authentication Methods |
CVE-2025-59275 |
Windows Authentication Elevation of Privilege Vulnerability |
Important |
| Windows BitLocker |
CVE-2025-55337 |
Windows BitLocker Security Feature Bypass Vulnerability |
Important |
| Windows BitLocker |
CVE-2025-55332 |
Windows BitLocker Security Feature Bypass Vulnerability |
Important |
| Windows BitLocker |
CVE-2025-55333 |
Windows BitLocker Security Feature Bypass Vulnerability |
Important |
| Windows BitLocker |
CVE-2025-55330 |
Windows BitLocker Security Feature Bypass Vulnerability |
Important |
| Windows BitLocker |
CVE-2025-55338 |
Windows BitLocker Security Feature Bypass Vulnerability |
Important |
| Windows BitLocker |
CVE-2025-55682 |
Windows BitLocker Security Feature Bypass Vulnerability |
Important |
| Windows Bluetooth Service |
CVE-2025-59290 |
Windows Bluetooth Service Elevation of Privilege Vulnerability |
Important |
| Windows Bluetooth Service |
CVE-2025-58728 |
Windows Bluetooth Service Elevation of Privilege Vulnerability |
Important |
| Windows Bluetooth Service |
CVE-2025-59289 |
Windows Bluetooth Service Elevation of Privilege Vulnerability |
Important |
| Windows Cloud Files Mini Filter Driver |
CVE-2025-55680 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Important |
| Windows Cloud Files Mini Filter Driver |
CVE-2025-55336 |
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability |
Important |
| Windows COM |
CVE-2025-58725 |
Windows COM+ Event System Service Elevation of Privilege Vulnerability |
Important |
| Windows Connected Devices Platform Service |
CVE-2025-58727 |
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability |
Important |
| Windows Core Shell |
CVE-2025-59185 |
NTLM Hash Disclosure Spoofing Vulnerability |
Important |
| Windows Core Shell |
CVE-2025-59244 |
NTLM Hash Disclosure Spoofing Vulnerability |
Important |
| Windows Cryptographic Services |
CVE-2025-58720 |
Windows Cryptographic Services Information Disclosure Vulnerability |
Important |
| Windows Device Association Broker service |
CVE-2025-50174 |
Windows Device Association Broker Service Elevation of Privilege Vulnerability |
Important |
| Windows Device Association Broker service |
CVE-2025-55677 |
Windows Device Association Broker Service Elevation of Privilege Vulnerability |
Important |
| Windows Digital Media |
CVE-2025-53150 |
Windows Digital Media Elevation of Privilege Vulnerability |
Important |
| Windows Digital Media |
CVE-2025-50175 |
Windows Digital Media Elevation of Privilege Vulnerability |
Important |
| Windows DirectX |
CVE-2025-55678 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Important |
| Windows DirectX |
CVE-2025-55698 |
DirectX Graphics Kernel Denial of Service Vulnerability |
Important |
| Windows DWM |
CVE-2025-58722 |
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Important |
| Windows DWM |
CVE-2025-55681 |
Desktop Windows Manager Elevation of Privilege Vulnerability |
Important |
| Windows DWM Core Library |
CVE-2025-59255 |
Windows DWM Core Library Elevation of Privilege Vulnerability |
Important |
| Windows DWM Core Library |
CVE-2025-59254 |
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Important |
| Windows Error Reporting |
CVE-2025-55692 |
Windows Error Reporting Service Elevation of Privilege Vulnerability |
Important |
| Windows Error Reporting |
CVE-2025-55694 |
Windows Error Reporting Service Elevation of Privilege Vulnerability |
Important |
| Windows ETL Channel |
CVE-2025-59197 |
Windows ETL Channel Information Disclosure Vulnerability |
Important |
| Windows Failover Cluster |
CVE-2025-59188 |
Microsoft Failover Cluster Information Disclosure Vulnerability |
Important |
| Windows Failover Cluster |
CVE-2025-47979 |
Microsoft Failover Cluster Information Disclosure Vulnerability |
Important |
| Windows File Explorer |
CVE-2025-59214 |
Microsoft Windows File Explorer Spoofing Vulnerability |
Important |
| Windows File Explorer |
CVE-2025-58739 |
Microsoft Windows File Explorer Spoofing Vulnerability |
Important |
| Windows Health and Optimized Experiences Service |
CVE-2025-59241 |
Windows Health and Optimized Experiences Elevation of Privilege Vulnerability |
Important |
| Windows Hello |
CVE-2025-53139 |
Windows Hello Security Feature Bypass Vulnerability |
Important |
| Windows High Availability Services |
CVE-2025-59184 |
Storage Spaces Direct Information Disclosure Vulnerability |
Important |
| Windows Hyper-V |
CVE-2025-55328 |
Windows Hyper-V Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2025-55679 |
Windows Kernel Information Disclosure Vulnerability |
Important |
| Windows Kernel |
CVE-2025-55683 |
Windows Kernel Information Disclosure Vulnerability |
Important |
| Windows Kernel |
CVE-2025-59207 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2025-55334 |
Windows Kernel Security Feature Bypass Vulnerability |
Important |
| Windows Kernel |
CVE-2025-59186 |
Windows Kernel Information Disclosure Vulnerability |
Important |
| Windows Kernel |
CVE-2025-55693 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2025-59194 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2025-59187 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2025-50152 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2025-55699 |
Windows Kernel Information Disclosure Vulnerability |
Important |
| Windows Local Session Manager (LSM) |
CVE-2025-58729 |
Windows Local Session Manager (LSM) Denial of Service Vulnerability |
Important |
| Windows Local Session Manager (LSM) |
CVE-2025-59257 |
Windows Local Session Manager (LSM) Denial of Service Vulnerability |
Important |
| Windows Local Session Manager (LSM) |
CVE-2025-59259 |
Windows Local Session Manager (LSM) Denial of Service Vulnerability |
Important |
| Windows Management Services |
CVE-2025-59193 |
Windows Management Services Elevation of Privilege Vulnerability |
Important |
| Windows Management Services |
CVE-2025-59204 |
Windows Management Services Information Disclosure Vulnerability |
Important |
| Windows MapUrlToZone |
CVE-2025-59208 |
Windows MapUrlToZone Information Disclosure Vulnerability |
Important |
| Windows NDIS |
CVE-2025-55339 |
Windows Network Driver Interface Specification Driver Elevation of Privilege Vulnerability |
Important |
| Windows NTFS |
CVE-2025-55335 |
Windows NTFS Elevation of Privilege Vulnerability |
Important |
| Windows NTLM |
CVE-2025-59284 |
Windows NTLM Spoofing Vulnerability |
Important |
| Windows PrintWorkflowUserSvc |
CVE-2025-55331 |
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
Important |
| Windows PrintWorkflowUserSvc |
CVE-2025-55689 |
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
Important |
| Windows PrintWorkflowUserSvc |
CVE-2025-55685 |
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
Important |
| Windows PrintWorkflowUserSvc |
CVE-2025-55686 |
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
Important |
| Windows PrintWorkflowUserSvc |
CVE-2025-55690 |
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
Important |
| Windows PrintWorkflowUserSvc |
CVE-2025-55684 |
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
Important |
| Windows PrintWorkflowUserSvc |
CVE-2025-55688 |
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
Important |
| Windows PrintWorkflowUserSvc |
CVE-2025-55691 |
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
Important |
| Windows Push Notification Core |
CVE-2025-59209 |
Windows Push Notification Information Disclosure Vulnerability |
Important |
| Windows Push Notification Core |
CVE-2025-59211 |
Windows Push Notification Information Disclosure Vulnerability |
Important |
| Windows Remote Access Connection Manager |
CVE-2025-59230 |
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
Important |
| Windows Remote Desktop |
CVE-2025-58737 |
Remote Desktop Protocol Remote Code Execution Vulnerability |
Important |
| Windows Remote Desktop Protocol |
CVE-2025-55340 |
Windows Remote Desktop Protocol Security Feature Bypass |
Important |
| Windows Remote Desktop Services |
CVE-2025-59202 |
Windows Remote Desktop Services Elevation of Privilege Vulnerability |
Important |
| Windows Remote Procedure Call |
CVE-2025-59502 |
Remote Procedure Call Denial of Service Vulnerability |
Moderate |
| Windows Resilient File System (ReFS) |
CVE-2025-55687 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Important |
| Windows Resilient File System (ReFS) Deduplication Service |
CVE-2025-59210 |
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability |
Important |
| Windows Resilient File System (ReFS) Deduplication Service |
CVE-2025-59206 |
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability |
Important |
| Windows Routing and Remote Access Service (RRAS) |
CVE-2025-58717 |
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
Important |
| Windows Routing and Remote Access Service (RRAS) |
CVE-2025-55700 |
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
Important |
| Windows Secure Boot |
CVE-2025-47827 |
MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11 |
Important |
| Windows Server Update Service |
CVE-2025-59287 |
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability |
Critical |
| Windows SMB Client |
CVE-2025-59280 |
Windows SMB Client Tampering Vulnerability |
Important |
| Windows SMB Server |
CVE-2025-58726 |
Windows SMB Server Elevation of Privilege Vulnerability |
Important |
| Windows SSDP Service |
CVE-2025-59196 |
Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability |
Important |
| Windows StateRepository API |
CVE-2025-59203 |
Windows State Repository API Server File Information Disclosure Vulnerability |
Important |
| Windows Storage Management Provider |
CVE-2025-55325 |
Windows Storage Management Provider Information Disclosure Vulnerability |
Important |
| Windows Taskbar Live |
CVE-2025-59294 |
Windows Taskbar Live Preview Information Disclosure Vulnerability |
Important |
| Windows USB Video Driver |
CVE-2025-55676 |
Windows USB Video Class System Driver Information Disclosure Vulnerability |
Important |
| Windows Virtualization-Based Security (VBS) Enclave |
CVE-2025-53717 |
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability |
Important |
| Windows WLAN Auto Config Service |
CVE-2025-55695 |
Windows WLAN AutoConfig Service Information Disclosure Vulnerability |
Important |
| Xbox |
CVE-2025-53768 |
Xbox IStorageService Elevation of Privilege Vulnerability |
Important |
| XBox Gaming Services |
CVE-2025-59281 |
Xbox Gaming Services Elevation of Privilege Vulnerability |
Important |
