microsoft
14,170 tracked vulnerabilities.
CVE-2025-26639
HIGH
Windows USB Print Driver < 10.0.19044.5737 - Authenticated Privilege Escalation via Integer Overflow
Apr 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-26637
MEDIUM
Windows BitLocker - Privilege Escalation
Apr 08, 2025
CVSS 6.8
EPSS 0.01
CVE-2025-26635
MEDIUM
Windows 10/11, Server 2019/2022 - Weak Authentication in Windows Hello
Apr 08, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-26628
HIGH
Azure Local Cluster < 2411.2 - Authenticated Information Disclosure via Insufficiently Protected Credentials
Apr 08, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-25002
MEDIUM
Azure Local Cluster - Info Disclosure
Apr 08, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-24074
HIGH
Windows DWM Core Library - Authenticated Privilege Escalation via Improper Input Validation
Apr 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-24073
HIGH
Windows 10 1507-22H2 and Windows 11 22H2-24H2 - Authenticated Privilege Escalation via DWM Core Library Input Validation
Apr 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-24062
HIGH
Windows DWM Core Library - Authenticated Privilege Escalation via Improper Input Validation
Apr 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-24060
HIGH
Windows DWM Core Library - Authenticated Privilege Escalation via Improper Input Validation
Apr 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-24058
HIGH
Windows DWM Core Library - Privilege Escalation via Improper Input Validation
Apr 08, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-21222
HIGH
Windows 10 1507-24H2 and Windows Server 2008 - Remote Code Execution via Heap-based Buffer Overflow
Apr 08, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-21221
HIGH
Windows 10 1507-24H2 and Windows Server 2008 - Remote Code Execution via Heap-based Buffer Overflow
Apr 08, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-21205
HIGH
Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow
Apr 08, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-21204
HIGH
Windows 10 1507-24H2 and Windows Server 2008 - Privilege Escalation via Improper Link Resolution
Apr 08, 2025
CVSS 7.8
EPSS 0.04
CVE-2025-21203
MEDIUM
Windows Server 2008-2025 Unauthenticated Buffer Over-read in RRAS
Apr 08, 2025
CVSS 6.5
EPSS 0.02
CVE-2025-21197
MEDIUM
Windows NTFS - Authenticated Path Information Disclosure
Apr 08, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21191
HIGH
Windows 10 1507-24H2 and Windows Server 2008 - Privilege Escalation via LSA TOCTOU Race Condition
Apr 08, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-21174
HIGH
Windows Server 2012, 2016, 2019, 2022, 2025 - Unauthenticated DoS via Storage Management Service
Apr 08, 2025
CVSS 7.5
EPSS 0.11
CVE-2025-29815
HIGH
Microsoft Edge Chromium < 134.0.3124.66 - Use-After-Free
Apr 04, 2025
CVSS 7.6
EPSS 0.01
CVE-2025-29796
MEDIUM
Microsoft Edge for iOS - Info Disclosure
Apr 04, 2025
CVSS 4.7
EPSS 0.01
CVE-2025-25001
MEDIUM
Microsoft Edge < 132.0.2957.118 - Cross-Site Scripting
Apr 04, 2025
CVSS 4.3
EPSS 0.01
CVE-2025-25000
HIGH
Microsoft Edge (Chromium-based) - RCE
Apr 04, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-21384
HIGH
Microsoft Azure Health Bot - Authenticated Server-Side Request Forgery
Apr 01, 2025
CVSS 8.3
EPSS 0.01
CVE-2025-26683
HIGH
Azure Playwright - Unauthenticated Privilege Escalation
Mar 31, 2025
CVSS 8.1
EPSS 0.01
CVE-2025-29806
MEDIUM
Microsoft Edge Chromium < 129.0.2792.52 - Remote Code Execution via Type Confusion
Mar 23, 2025
CVSS 6.5
EPSS 0.02
Products
windows_server_2016 4,606
windows_server_2019 4,345
windows_server_2012 3,825
windows_server_2008 3,554
windows_10 2,974
windows_server_2022 2,699
windows_7 2,368
windows_8.1 2,216
windows_rt_8.1 2,020
windows_10_1809 1,935
windows_10_21h2 1,934
windows_10_22h2 1,932
windows_server_2022_23h2 1,666
windows_10_1607 1,658
windows_11_22h2 1,651
internet_explorer 1,635
windows_11_23h2 1,548
windows_11_24h2 1,234
windows_10_1507 1,230
windows_server_2025 1,195
office 1,032
windows_11_21h2 1,001
windows_vista 828
edge 756
windows_xp 739
windows_11 573
windows_2000 515
windows_11_25h2 502
sharepoint_server 477
365_apps 472
Quick Filters