108577+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.
Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.
Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network.
Windows Kerberos Denial of Service Vulnerability
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Out-of-bounds write in Windows Hotpatch Monitoring Service allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.
Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network.
Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally.
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for Android allows an authorized attacker to disclose information …
Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally.
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.
Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of …
Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: …
Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response …
Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and …
Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer …
Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to …
Free website and port scanning — find vulnerabilities before attackers do.