Total
6313 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26679 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-09 | 7.8 High |
| Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-26681 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 22h2 and 5 more | 2025-07-09 | 6.7 Medium |
| Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-26670 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-09 | 8.1 High |
| Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-26671 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-07-09 | 8.1 High |
| Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-27746 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2025-07-09 | 7.8 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-27745 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-07-09 | 7.8 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2024-30330 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-07-09 | 7.8 High |
| Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22636. | ||||
| CVE-2023-35380 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-07-09 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2025-27480 | 1 Microsoft | 6 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 3 more | 2025-07-08 | 8.1 High |
| Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-27476 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-07-08 | 7.8 High |
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27467 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-07-08 | 7.8 High |
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27492 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2025-07-08 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27491 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | 7.1 High |
| Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-29823 | 1 Microsoft | 1 365 Apps | 2025-07-08 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-29820 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-07-08 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-27730 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-07-08 | 7.8 High |
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27729 | 1 Microsoft | 6 Windows 10 21h2, Windows 10 22h2, Windows 11 22h2 and 3 more | 2025-07-08 | 7.8 High |
| Use after free in Windows Shell allows an unauthorized attacker to execute code locally. | ||||
| CVE-2024-49032 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-07-08 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2024-49027 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-07-08 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2024-49021 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-07-08 | 7.8 High |
| Microsoft SQL Server Remote Code Execution Vulnerability | ||||