microsoft

14,170 tracked vulnerabilities.

CVE-2025-49759 HIGH
SQL Server 2016-2022 Authenticated SQL Injection
Aug 12, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-49758 HIGH
SQL Server 2016-2022 Authenticated Privilege Escalation via SQL Injection
Aug 12, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-49757 HIGH
Windows Server RRAS Heap Overflow RCE (2008, 2012, 2016, 2019, 2022, 2025)
Aug 12, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-49755 MEDIUM
Microsoft Edge for Android - Info Disclosure
Aug 12, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-49751 MEDIUM
Windows 10/11, Server 2016-2025 DoS via Hyper-V Missing Sync
Aug 12, 2025
CVSS 6.8
EPSS 0.01
CVE-2025-49745 MEDIUM
Microsoft Dynamics 365 9.1-<9.1.38.10 - Unauthenticated Cross-Site Scripting
Aug 12, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-49743 MEDIUM
Windows 10/11 & Server 2008 Privilege Escalation via Graphics Race Condition
Aug 12, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-49736 MEDIUM
Microsoft Edge < 139.0.3405.86 - Spoofing via UI Action Misinterpretation
Aug 12, 2025
CVSS 4.3
EPSS 0.01
CVE-2025-49712 HIGH
Microsoft SharePoint Server - Remote Code Execution via Untrusted Data Deserialization
Aug 12, 2025
CVSS 8.8
EPSS 0.33
CVE-2025-49707 HIGH
Azure Virtual Machines - Authenticated Spoofing via Improper Access Control
Aug 12, 2025
CVSS 7.9
EPSS 0.00
CVE-2025-48807 MEDIUM
Windows 10 1607-22H2, Windows 11 22H2-24H2, Windows Server 2016-2025 - Authenticated Remote Code Execution
Aug 12, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-47954 HIGH
SQL Server 2022 16.0.1000.6-16.0.1145.1 - Authenticated SQL Injection
Aug 12, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-33051 HIGH
Microsoft Exchange Server - Info Disclosure
Aug 12, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-25007 MEDIUM
Microsoft Exchange Server - Info Disclosure
Aug 12, 2025
CVSS 5.3
EPSS 0.02
CVE-2025-25006 MEDIUM
Microsoft Exchange Server - Spoofing
Aug 12, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-25005 MEDIUM
Microsoft Exchange Server - Info Disclosure
Aug 12, 2025
CVSS 6.5
EPSS 0.02
CVE-2025-24999 HIGH
Microsoft SQL Server 2016-2022 Privilege Escalation via Improper Access Control
Aug 12, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-53792 CRITICAL
Azure Portal - Privilege Escalation
Aug 07, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-53787 HIGH
Microsoft 365 Copilot BizChat - Info Disclosure
Aug 07, 2025
CVSS 8.2
EPSS 0.01
CVE-2025-53774 MEDIUM
Microsoft 365 Copilot - Info Disclosure
Aug 07, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-53767 CRITICAL
Azure OpenAI - Privilege Escalation
Aug 07, 2025
CVSS 10.0
EPSS 0.00
CVE-2025-53786 HIGH
Microsoft Exchange Server - Info Disclosure
Aug 06, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-53771 MEDIUM NUCLEI
Microsoft SharePoint Server ToolPane Unauthenticated Remote Code Execution (aka ToolShell)
Jul 20, 2025
CVSS 6.5
EPSS 0.45
CVE-2025-53770 CRITICAL KEVNUCLEI
Microsoft SharePoint Server - Code Injection
Jul 20, 2025
CVSS 9.8
EPSS 0.90
CVE-2025-53762 HIGH
Microsoft Purview - Privilege Escalation
Jul 18, 2025
CVSS 8.7
EPSS 0.02
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 477 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV