microsoft

14,170 tracked vulnerabilities.

CVE-2025-29795 HIGH
Microsoft Edge Update < 1.3.195.45 - Authenticated Privilege Escalation via Improper Link Resolution
Mar 23, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-29814 CRITICAL
Microsoft Partner Center - Privilege Escalation via Improper Authorization
Mar 21, 2025
CVSS 9.3
EPSS 0.14
CVE-2025-29807 HIGH
Microsoft Dataverse - Remote Code Execution via Untrusted Data Deserialization
Mar 21, 2025
CVSS 8.7
EPSS 0.01
CVE-2025-24053 HIGH
Microsoft Dataverse - Improper Authorization
Mar 13, 2025
CVSS 7.2
EPSS 0.00
CVE-2025-26645 HIGH
Windows 10/11, Server 2008 - RCE via Remote Desktop Client Path Traversal
Mar 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-26634 HIGH
Windows 10/11, Server 2016-2022 Authenticated Heap Overflow in Core Messaging
Mar 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-26633 HIGH KEV
Microsoft Management Console - Auth Bypass
Mar 11, 2025
CVSS 7.0
EPSS 0.45
CVE-2025-26631 HIGH
Visual Studio Code < 1.98.0 - Authenticated Privilege Escalation via Uncontrolled Search Path Element
Mar 11, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-26630 HIGH
Microsoft 365 Apps - Use-After-Free in Microsoft Office Access
Mar 11, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-26629 HIGH
Microsoft 365 Apps and Office Long Term Servicing Channel - Use-After-Free
Mar 11, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-26627 HIGH
Azure Arc < 1.0.10 - Authenticated Command Injection
Mar 11, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-25008 HIGH
Microsoft Windows - Privilege Escalation
Mar 11, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-25003 HIGH
Visual Studio - Privilege Escalation
Mar 11, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-24998 HIGH
Visual Studio - Privilege Escalation
Mar 11, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-24997 MEDIUM
Microsoft Windows Kernel Null Pointer Dereference - Denial of Service
Mar 11, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-24996 MEDIUM
Windows 10 1507-24H2 and Windows Server 2008-2012 - Unauthenticated Spoofing via NTLM File Path Control
Mar 11, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-24995 HIGH
Kernel Streaming WOW Thunk Service Driver - Privilege Escalation
Mar 11, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-24994 HIGH
Windows Cross Device Service - Privilege Escalation
Mar 11, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-24993 HIGH KEV
Windows 10 1507-22H2 and Windows 11 22H2 - Unauthenticated Heap-based Buffer Overflow
Mar 11, 2025
CVSS 7.8
EPSS 0.02
CVE-2025-24992 MEDIUM
Windows NTFS - Unauthenticated Buffer Over-read
Mar 11, 2025
CVSS 5.5
EPSS 0.01
CVE-2025-24991 MEDIUM KEV
Windows 10 1507-22H2 and Windows 11 22H2 - Out-of-bounds Read in NTFS
Mar 11, 2025
CVSS 5.5
EPSS 0.02
CVE-2025-24988 MEDIUM
Windows USB Video Driver - Privilege Escalation
Mar 11, 2025
CVSS 6.6
EPSS 0.00
CVE-2025-24987 MEDIUM
Windows USB Video Driver - Privilege Escalation
Mar 11, 2025
CVSS 6.6
EPSS 0.00
CVE-2025-24986 MEDIUM
Azure PromptFlow Core < 1.17.2 and PromptFlow Tools < 1.6.0 - Unauthenticated Remote Code Execution
Mar 11, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-24985 HIGH KEV
Windows Fast FAT Driver - Code Injection
Mar 11, 2025
CVSS 7.8
EPSS 0.02
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 477 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV