Total
2068 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24903 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-07-10 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2023-24899 | 1 Microsoft | 3 Windows 11 21h2, Windows 11 22h2, Windows Server 2022 | 2025-07-10 | 7 High |
| Windows Graphics Component Elevation of Privilege Vulnerability | ||||
| CVE-2024-38137 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2025-07-10 | 7 High |
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | ||||
| CVE-2024-38136 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-07-10 | 7 High |
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | ||||
| CVE-2024-38191 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2025-07-10 | 7.8 High |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | ||||
| CVE-2025-26649 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2025-07-10 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27492 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2025-07-08 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2022-30214 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2025-07-08 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2022-30212 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-07-08 | 4.7 Medium |
| Windows Connected Devices Platform Service Information Disclosure Vulnerability | ||||
| CVE-2022-30205 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-07-08 | 6.6 Medium |
| Windows Group Policy Elevation of Privilege Vulnerability | ||||
| CVE-2022-24525 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server | 2025-07-08 | 7 High |
| Windows Update Stack Elevation of Privilege Vulnerability | ||||
| CVE-2022-23283 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-07-08 | 7 High |
| Windows ALPC Elevation of Privilege Vulnerability | ||||
| CVE-2022-21975 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Server and 3 more | 2025-07-08 | 4.7 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2022-24505 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server and 3 more | 2025-07-08 | 7 High |
| Windows ALPC Elevation of Privilege Vulnerability | ||||
| CVE-2024-48991 | 1 Needrestart Project | 1 Needrestart | 2025-07-03 | 7.8 High |
| Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3). | ||||
| CVE-2024-36621 | 1 Mobyproject | 1 Moby | 2025-07-02 | 6.5 Medium |
| moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion. | ||||
| CVE-2024-36623 | 1 Mobyproject | 1 Moby | 2025-07-02 | 8.1 High |
| moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes. | ||||
| CVE-2024-34732 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-46613 | 1 Openplcproject | 1 Openplc | 2025-06-23 | 7.5 High |
| OpenPLC 3 through 64f9c11 has server.cpp Memory Corruption because a thread may access handleConnections arguments after the parent stack frame becomes unavailable. | ||||
| CVE-2025-46802 | 1 Gnu | 1 Screen | 2025-06-23 | 6 Medium |
| For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session. | ||||