Export limit exceeded: 324781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (324781 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55685 | 1 Microsoft | 16 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 13 more | 2026-02-26 | 7 High |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20733 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | 7.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00441509; Issue ID: MSV-4138. | ||||
| CVE-2025-55686 | 1 Microsoft | 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more | 2026-02-26 | 7 High |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20735 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | 7.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00435349; Issue ID: MSV-4051. | ||||
| CVE-2025-55689 | 1 Microsoft | 16 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 13 more | 2026-02-26 | 7 High |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20737 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | 7.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00435343; Issue ID: MSV-4040. | ||||
| CVE-2025-55701 | 1 Microsoft | 30 Windows, Windows 10, Windows 10 1507 and 27 more | 2026-02-26 | 7.8 High |
| Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20742 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7603, Mt7615 and 7 more | 2026-02-26 | 8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00432680; Issue ID: MSV-3949. | ||||
| CVE-2025-58715 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-26 | 8.8 High |
| Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20743 | 2 Google, Mediatek | 54 Android, Mt2718, Mt6761 and 51 more | 2026-02-26 | 4.2 Medium |
| In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651. | ||||
| CVE-2025-58716 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-26 | 8.8 High |
| Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20744 | 2 Google, Mediatek | 4 Android, Mt6899, Mt6991 and 1 more | 2026-02-26 | 4.2 Medium |
| In pda, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10127160; Issue ID: MSV-4542. | ||||
| CVE-2025-58719 | 1 Microsoft | 20 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 17 more | 2026-02-26 | 4.7 Medium |
| Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20745 | 2 Google, Mediatek | 10 Android, Mt2718, Mt6989 and 7 more | 2026-02-26 | 4.2 Medium |
| In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10095441; Issue ID: MSV-4294. | ||||
| CVE-2025-58722 | 1 Microsoft | 20 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 17 more | 2026-02-26 | 7.8 High |
| Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20729 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | 4.2 Medium |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441512; Issue ID: MSV-4153. | ||||
| CVE-2025-58728 | 1 Microsoft | 23 Windows, Windows 10, Windows 10 1809 and 20 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-58732 | 1 Microsoft | 29 Windows, Windows 10, Windows 10 1507 and 26 more | 2026-02-26 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-58735 | 1 Microsoft | 26 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 23 more | 2026-02-26 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59196 | 1 Microsoft | 26 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 23 more | 2026-02-26 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | ||||