microsoft

14,170 tracked vulnerabilities.

CVE-2025-55325 MEDIUM
Windows Storage Management Provider - Info Disclosure
Oct 14, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-55320 MEDIUM
Microsoft Configuration Manager - SQL Injection
Oct 14, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-55315 CRITICAL
ASP.NET Core 2.3.0-2.3.5 - HTTP Request Smuggling via Inconsistent Request Interpretation
Oct 14, 2025
CVSS 9.9
EPSS 0.02
CVE-2025-55248 MEDIUM
.NET Framework - Inadequate Encryption Strength
Oct 14, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-55247 HIGH
.NET 8.0.0-8.0.20 - Authenticated Privilege Escalation via Improper Link Resolution
Oct 14, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-55240 HIGH
Visual Studio - Privilege Escalation
Oct 14, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-53782 HIGH
Microsoft Exchange Server - Privilege Escalation
Oct 14, 2025
CVSS 8.4
EPSS 0.00
CVE-2025-53768 HIGH
Windows 10 1507-22H2 and Windows 11 22H2-25H2 - Authenticated Use-After-Free
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-53717 HIGH
Windows VBS Enclave - Privilege Escalation
Oct 14, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-53150 HIGH
Windows 10/11, Server 2019/2022/2025 Use-After-Free in Digital Media
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-53139 HIGH
Windows 10/11, Server 2025 Cleartext Transmission in Windows Hello
Oct 14, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-50175 HIGH
Windows Digital Media - Use After Free
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-50174 HIGH
Windows Device Association Broker - Privilege Escalation
Oct 14, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-50152 HIGH
Windows Kernel < - Privilege Escalation
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-49708 CRITICAL
Windows 10/11, Server 2019/2022/2025 - Use-After-Free in Graphics Component
Oct 14, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-48813 MEDIUM
Virtual Secure Mode - Info Disclosure
Oct 14, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-48004 HIGH
Windows 11 22H2-25H2 and Windows Server 2022 23H2/2025 - Use-After-Free in Brokering File System
Oct 14, 2025
CVSS 7.4
EPSS 0.00
CVE-2025-47989 HIGH
Azure Connected Machine Agent < 1.57 - Authenticated Privilege Escalation
Oct 14, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-47979 MEDIUM
Microsoft Windows Server 2022 23h2 - Log Information Exposure
Oct 14, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-25004 HIGH
Microsoft PowerShell - Privilege Escalation
Oct 14, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-24990 HIGH KEV
Windows Agere Modem Driver - Untrusted Pointer Dereference
Oct 14, 2025
CVSS 7.8
EPSS 0.03
CVE-2025-24052 HIGH
Windows Agere Modem Driver - Stack-based Buffer Overflow in ltmdm64.sys
Oct 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-59286 CRITICAL
Microsoft 365 Copilot Chat - Command Injection
Oct 09, 2025
CVSS 9.3
EPSS 0.00
CVE-2025-59272 CRITICAL
Microsoft 365 Copilot Chat - Information Disclosure via Command Injection
Oct 09, 2025
CVSS 9.3
EPSS 0.00
CVE-2025-59271 HIGH
Azure Cache for Redis - Improper Authorization
Oct 09, 2025
CVSS 8.7
EPSS 0.00
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 477 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV