microsoft

14,170 tracked vulnerabilities.

CVE-2025-47976 HIGH
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2008 - Authenticated Use-After-Free in SSDP Service
Jul 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-47975 HIGH
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2008 - Double Free in SSDP Service
Jul 08, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-47973 HIGH
Windows 10/11, Server 2008 - Unauthenticated Privilege Escalation via VHDX Buffer Over-read
Jul 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-47972 HIGH
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2016-2019 - Privilege Escalation via IME Race Condition
Jul 08, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-47971 HIGH
Windows 10/11, Server 2008 - Unauthenticated Privilege Escalation via VHDX Buffer Over-read
Jul 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-47178 HIGH
Microsoft Configuration Manager 2503 < 5.00.9135.1003 - Authenticated SQL Injection
Jul 08, 2025
CVSS 8.0
EPSS 0.01
CVE-2025-47159 HIGH
Windows VBS Enclave - Privilege Escalation
Jul 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-33054 HIGH
Remote Desktop Client - Info Disclosure
Jul 08, 2025
CVSS 8.1
EPSS 0.01
CVE-2025-26636 MEDIUM
Windows 11 24H2 and Windows Server 2025 < 10.0.26100.4652 - Information Disclosure via Processor Optimization Removal
Jul 08, 2025
CVSS 5.5
EPSS 0.01
CVE-2025-21195 MEDIUM
Azure Service Fabric - Privilege Escalation via Improper Link Resolution
Jul 08, 2025
CVSS 6.0
EPSS 0.00
CVE-2025-7326 HIGH
ASP.NET Core - Privilege Escalation
Jul 08, 2025
CVSS 7.0
EPSS 0.01
CVE-2025-49713 HIGH
Microsoft Edge Chromium < 138.0.3351.65 - Remote Code Execution via Type Confusion
Jul 02, 2025
CVSS 8.8
EPSS 0.03
CVE-2025-49741 HIGH
Microsoft Edge Chromium < 135.0.3179.98 - Unauthenticated Information Disclosure
Jul 01, 2025
CVSS 7.4
EPSS 0.08
CVE-2025-49715 HIGH
Dynamics 365 FastTrack Implementation Assets - Info Disclosure
Jun 20, 2025
CVSS 7.5
EPSS 0.08
CVE-2025-47959 HIGH
Visual Studio 2022 17.8.0-17.8.21 - Authenticated Remote Code Execution
Jun 13, 2025
CVSS 7.1
EPSS 0.01
CVE-2025-30399 HIGH
.NET & Visual Studio - Code Injection
Jun 13, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-32711 CRITICAL
Microsoft 365 Copilot - Ai Command Injection
Jun 11, 2025
CVSS 9.3
EPSS 0.10
CVE-2025-32717 HIGH
Microsoft 365 Apps - Heap-based Buffer Overflow
Jun 11, 2025
CVSS 8.4
EPSS 0.01
CVE-2025-47977 HIGH
Nuance Digital Engagement Platform < 5.64.x - Cross-Site Scripting
Jun 10, 2025
CVSS 8.2
EPSS 0.01
CVE-2025-47969 MEDIUM
Windows 11 22H2/23H2/24H2 and Windows Server 2025 - Unauthorized Sensitive Information Exposure in Windows Hello
Jun 10, 2025
CVSS 4.4
EPSS 0.01
CVE-2025-47968 HIGH
Microsoft AutoUpdate < 4.79 - Authenticated Privilege Escalation
Jun 10, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-47962 HIGH
Windows Software Development Kit < 10.0.26100.4188 - Privilege Escalation
Jun 10, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-47957 HIGH
Microsoft 365 Apps and Office Long Term Servicing Channel - Use-After-Free
Jun 10, 2025
CVSS 8.4
EPSS 0.02
CVE-2025-47956 MEDIUM
Windows Security App - Path Traversal
Jun 10, 2025
CVSS 5.5
EPSS 0.02
CVE-2025-47955 HIGH
Windows Remote Access Connection Manager - Privilege Escalation
Jun 10, 2025
CVSS 7.8
EPSS 0.01
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 477 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV