microsoft

14,170 tracked vulnerabilities.

CVE-2025-21279 MEDIUM
Microsoft Edge Chromium < 133.0.3065.51 - Remote Code Execution via Type Confusion
Feb 06, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21267 MEDIUM
Microsoft Edge Chromium < 133.0.3065.51 - Spoofing via Improperly Implemented Security Check
Feb 06, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-21253 MEDIUM
Microsoft Edge for iOS and Android - User Interface Spoofing
Feb 06, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-21177 HIGH
Microsoft Dynamics 365 Sales - Server-Side Request Forgery
Feb 06, 2025
CVSS 8.7
EPSS 0.01
CVE-2025-21415 CRITICAL
Azure AI Face Service - Authentication Bypass by Spoofing
Jan 29, 2025
CVSS 9.9
EPSS 0.04
CVE-2025-21396 HIGH
Microsoft Account - Missing Authorization
Jan 29, 2025
CVSS 8.2
EPSS 0.02
CVE-2025-21262 MEDIUM
Microsoft Edge (Chromium-based) - Info Disclosure
Jan 24, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21399 HIGH
Microsoft Edge Update < 1.3.195.43 - Elevation of Privilege via Untrusted Search Path
Jan 17, 2025
CVSS 7.4
EPSS 0.00
CVE-2025-21185 MEDIUM
Microsoft Edge Chromium < 132.0.2957.115 - Elevation of Privilege
Jan 17, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21325 HIGH
Windows 10 21H2/22H2, Windows 11 22H2/23H2/24H2, Windows Server 2025 - Elevation of Privilege via Secure Kernel Mode
Jan 17, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-21417 HIGH
Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow
Jan 14, 2025
CVSS 8.8
EPSS 0.05
CVE-2025-21413 HIGH
Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow
Jan 14, 2025
CVSS 8.8
EPSS 0.06
CVE-2025-21411 HIGH
Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow
Jan 14, 2025
CVSS 8.8
EPSS 0.06
CVE-2025-21409 HIGH
Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow
Jan 14, 2025
CVSS 8.8
EPSS 0.06
CVE-2025-21405 HIGH
Visual Studio 2022 17.12.0-17.12.4 - Elevation of Privilege
Jan 14, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-21403 MEDIUM
Microsoft On-Premises Data Gateway < 3000.246 - Information Disclosure
Jan 14, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-21402 HIGH
Microsoft Office OneNote - Remote Code Execution
Jan 14, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-21395 HIGH
Microsoft Access - Remote Code Execution via Heap-based Buffer Overflow
Jan 14, 2025
CVSS 7.8
EPSS 0.02
CVE-2025-21393 MEDIUM
Microsoft SharePoint Server - Spoofing
Jan 14, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-21389 HIGH
Windows 10 1507-24H2 and Windows Server 2008-2012 - Unauthenticated Denial of Service via UPnP Device Host
Jan 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-21382 HIGH
Windows Graphics Component - Elevation of Privilege via Integer Overflow
Jan 14, 2025
CVSS 7.8
EPSS 0.02
CVE-2025-21378 HIGH
Windows 10 1507-24H2 and Windows Server 2012-2016 - Elevation of Privilege via CSC Service Heap-based Buffer Overflow
Jan 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-21374 MEDIUM
Windows 10 1507-24H2 and Windows Server 2012-2016 - Information Disclosure via CSC Service Out-of-bounds Read
Jan 14, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-21372 HIGH
Windows 11 24H2 and Windows Server 2022 23H2 and 2025 - Elevation of Privilege via Brokering File System Use-After-Free
Jan 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-21370 HIGH
Windows 11 22H2/23H2/24H2 Elevation of Privilege in Virtualization-Based Security Enclave
Jan 14, 2025
CVSS 7.8
EPSS 0.01
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 477 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV