microsoft

14,170 tracked vulnerabilities.

CVE-2025-49690 HIGH
Windows 10/11, Server 2019/2022/2025 - Unauthenticated Privilege Escalation via Race Condition
Jul 08, 2025
CVSS 7.4
EPSS 0.00
CVE-2025-49689 HIGH
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2008 - Local Privilege Escalation via VHDX Integer Overflow
Jul 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-49688 HIGH
Windows Server 2012, 2016, 2019, 2022, 2025 - Remote Code Execution via RRAS Double Free
Jul 08, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-49687 HIGH
Windows 10/11, Server 2012-2016 Privilege Escalation via IME Out-of-bounds Read
Jul 08, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-49686 HIGH
Windows 10/11, Server 2008 Privilege Escalation via Null Pointer Dereference
Jul 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-49685 HIGH
Windows 10/11, Server 2019/2022 Use-After-Free in Search Component
Jul 08, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-49684 MEDIUM
Windows 10/11 Storage Port Driver Authenticated Information Disclosure via Buffer Over-read
Jul 08, 2025
CVSS 5.5
EPSS 0.01
CVE-2025-49683 HIGH
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2008 - Local Code Execution via VHDX Integer Overflow
Jul 08, 2025
CVSS 7.8
EPSS 0.02
CVE-2025-49682 HIGH
Windows 10/11, Server 2022/2025 - Authenticated Use-After-Free in Media
Jul 08, 2025
CVSS 7.3
EPSS 0.01
CVE-2025-49681 MEDIUM
Windows Server RRAS Unauthenticated Out-of-bounds Read
Jul 08, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-49680 HIGH
Windows Performance Recorder - Denial of Service via Improper Link Resolution
Jul 08, 2025
CVSS 7.3
EPSS 0.01
CVE-2025-49679 HIGH
Microsoft Windows Shell - Elevation of Privilege via Numeric Truncation
Jul 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-49678 HIGH
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2008 - Privilege Escalation via NTFS Null Pointer Dereference
Jul 08, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-49677 HIGH
Windows 11 22H2 < 10.0.22621.5624 - Authenticated Use-After-Free in Brokering File System
Jul 08, 2025
CVSS 7.0
EPSS 0.03
CVE-2025-49676 HIGH
Windows Server RRAS Heap Overflow Remote Code Execution
Jul 08, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-49675 HIGH
Windows 10/11, Server 2008 - Use-After-Free in Kernel Streaming WOW Thunk
Jul 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-49674 HIGH
Windows Server 2008-2025 RRAS Heap Overflow RCE
Jul 08, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-49673 HIGH
Windows Server RRAS Heap Overflow RCE (2008, 2012, 2016, 2019, 2022, 2025)
Jul 08, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-49672 HIGH
Windows Server RRAS Heap Overflow Remote Code Execution
Jul 08, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-49671 MEDIUM
Windows Server 2008/2012/2016/2019/2022/2025 Information Disclosure via RRAS
Jul 08, 2025
CVSS 6.5
EPSS 0.02
CVE-2025-49670 MEDIUM
Windows Server RRAS Heap Overflow Remote Code Execution
Jul 08, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-49669 HIGH
Windows Server RRAS Heap Overflow Remote Code Execution (2008, 2012, 2016, 2019, 2022, 2025)
Jul 08, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-49668 HIGH
Windows Server RRAS Heap Overflow Remote Code Execution
Jul 08, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-49667 HIGH
Windows 10 1507-24H2 and Windows Server 2008-2012 - Authenticated Privilege Escalation via Win32K ICOMP Double Free
Jul 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-49666 HIGH
Windows Server 2016/2019/2022/2025 Authenticated RCE via Heap-based Buffer Overflow
Jul 08, 2025
CVSS 7.2
EPSS 0.02
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 477 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV