Filtered by vendor Microsoft Subscriptions
Filtered by product Windows Subscriptions
Total 8018 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-2188 2 Mcafee, Microsoft 2 Data Exchange Layer, Windows 2025-05-08 6.5 Medium
Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.
CVE-2024-21107 2 Microsoft, Oracle 2 Windows, Vm Virtualbox 2025-05-08 6.7 Medium
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
CVE-2023-46257 2 Ivanti, Microsoft 2 Avalanche, Windows 2025-05-06 9.8 Critical
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-41727 2 Ivanti, Microsoft 2 Avalanche, Windows 2025-05-06 9.8 Critical
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2018-6342 2 Facebook, Microsoft 2 React-dev-utils, Windows 2025-05-06 9.8 Critical
react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. The input to that command was not properly sanitized, allowing an attacker who can make a network request to the server (either via CSRF or by direct request) to execute arbitrary commands on the targeted system. This issue affects multiple branches: 1.x.x prior to 1.0.4, 2.x.x prior to 2.0.2, 3.x.x prior to 3.1.2, 4.x.x prior to 4.2.2, and 5.x.x prior to 5.0.2.
CVE-2025-21176 4 Apple, Linux, Microsoft and 1 more 22 Macos, Linux Kernel, .net and 19 more 2025-05-06 8.8 High
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21172 4 Apple, Linux, Microsoft and 1 more 9 Macos, Linux Kernel, .net and 6 more 2025-05-06 7.5 High
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2025-27193 3 Adobe, Apple, Microsoft 3 Bridge, Macos, Windows 2025-05-05 7.8 High
Bridge versions 14.1.5, 15.0.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27194 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2025-05-05 7.8 High
Media Encoder versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27195 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2025-05-05 7.8 High
Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27196 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2025-05-05 7.8 High
Premiere Pro versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27198 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2025-05-05 7.8 High
Photoshop Desktop versions 25.12.1, 26.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-0076 2 Intel, Microsoft 45 Amt Ac 8260, Amt Ac 8260 Firmware, Amt Ac 8265 and 42 more 2025-05-05 5.5 Medium
Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable denial of service via local access.
CVE-2021-0072 2 Intel, Microsoft 45 Amt Ac 8260, Amt Ac 8260 Firmware, Amt Ac 8265 and 42 more 2025-05-05 5.5 Medium
Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable information disclosure via local access.
CVE-2021-0066 2 Intel, Microsoft 45 Amt Ac 8260, Amt Ac 8260 Firmware, Amt Ac 8265 and 42 more 2025-05-05 8.4 High
Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via local access.
CVE-2020-9715 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2025-05-05 7.8 High
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2020-9676 2 Adobe, Microsoft 2 Bridge, Windows 2025-05-05 7.8 High
Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2020-9675 2 Adobe, Microsoft 2 Bridge, Windows 2025-05-05 7.8 High
Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2020-9674 2 Adobe, Microsoft 2 Bridge, Windows 2025-05-05 7.8 High
Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2020-9569 2 Adobe, Microsoft 2 Bridge, Windows 2025-05-05 7.8 High
Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .