microsoft

14,170 tracked vulnerabilities.

CVE-2025-60711 MEDIUM
Microsoft Edge (Chromium-based) - RCE
Oct 31, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-59501 MEDIUM
Microsoft Configuration Manager 2403 < 5.00.9128.1037 - Authentication Bypass by Spoofing
Oct 31, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-59503 CRITICAL
Azure Compute Gallery - Unauthenticated Server-Side Request Forgery
Oct 23, 2025
CVSS 10.0
EPSS 0.00
CVE-2025-59500 HIGH
Azure Notification Service - Privilege Escalation via Improper Access Control
Oct 23, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-59273 HIGH
Azure Event Grid - Unauthenticated Privilege Escalation
Oct 23, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-59502 HIGH
Windows Remote Procedure Call - Unauthenticated Denial of Service via Uncontrolled Resource Consumption
Oct 14, 2025
CVSS 7.5
EPSS 0.09
CVE-2025-59497 HIGH
Microsoft Defender for Endpoint < 101.25032.0010 - Authenticated Denial of Service via TOCTOU Race Condition
Oct 14, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-59494 HIGH
Azure Monitor Agent < 1.38.1 - Authenticated Privilege Escalation
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-59295 HIGH
Windows 10 1507-22H2, Windows 11 22H2-25H2, Windows Server 2008 - Remote Code Execution via Heap-based Buffer Overflow
Oct 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-59294 LOW
Windows Taskbar Live - Unauthenticated Exposure of Sensitive Information via Physical Attack
Oct 14, 2025
CVSS 2.1
EPSS 0.00
CVE-2025-59292 HIGH
Confidential Azure Container Instances - Privilege Escalation
Oct 14, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-59291 HIGH
Confidential Azure Container Instances - Privilege Escalation
Oct 14, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-59290 HIGH
Windows 10/11, Server 2022/2025 - Use-After-Free in Bluetooth Service
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-59289 HIGH
Windows 10/11, Server 2022/2025 - Authenticated Double Free in Bluetooth Service
Oct 14, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-59288 MEDIUM
Playwright < 1.55.1 - Improper Verification of Cryptographic Signature
Oct 14, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-59287 CRITICAL KEVNUCLEI
Windows Server 2012, 2016, 2019, 2022, 2025 - Unauthenticated RCE via Deserialization
Oct 14, 2025
CVSS 9.8
EPSS 0.69
CVE-2025-59285 HIGH
Azure Monitor Agent < 1.36.3 - Authenticated Privilege Escalation via Untrusted Data Deserialization
Oct 14, 2025
CVSS 7.0
EPSS 0.01
CVE-2025-59284 LOW
Windows 11 22H2-25H2 and Windows Server 2025 - Unauthorized Sensitive Information Exposure via NTLM Spoofing
Oct 14, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-59282 HIGH
Windows 10/11, Server 2008-2016 - Unauthenticated Race Condition in COM Objects
Oct 14, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-59281 HIGH
XBox Gaming Services < 31.105.17001.0 - Authenticated Privilege Escalation via Improper Link Resolution
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-59280 LOW
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2008 - Unauthenticated SMB Tampering
Oct 14, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-59278 HIGH
Windows Authentication Methods - Privilege Escalation
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-59277 HIGH
Windows Authentication Methods - Privilege Escalation
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-59275 HIGH
Windows Authentication Methods - Privilege Escalation
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-59261 HIGH
Windows 11 22H2-25H2 & Server 2022-2025 Privilege Escalation via Graphics TOCTOU
Oct 14, 2025
CVSS 7.0
EPSS 0.00
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 477 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV