36731+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS) allows an unauthorized attacker to elevate privileges locally.
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Out-of-bounds read in Windows DWM allows an authorized attacker to elevate privileges locally.
Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally.
Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to execute code over a network.
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.
Use after free in Xbox allows an authorized attacker to elevate privileges locally.
Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally.
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
Use after free in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to …
A vulnerability in the web-based management interface of network access point configuration services could allow an authenticated remote attacker to perform remote command execution. Successful …
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor …
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor …
An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could …
Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of …
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of …
An Incorrect Provision of Specified Functionality vulnerability [CWE-684] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow …
An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker …
An Heap-based Buffer Overflow vulnerability [CWE-122] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all …
A weak authentication vulnerability in Fortinet FortiPAM 1.5.0, FortiPAM 1.4.0 through 1.4.2, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM …
An Improper Verification of Cryptographic Signature vulnerability [CWE-347] in FortiClient MacOS installer version 7.4.2 and below, version 7.2.9 and below, 7.0 all versions may allow …
An Improper Validation of Certificate with Host Mismatch vulnerability [CWE-297] in FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all …
Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these …
A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.2, FortiAnalyzer 7.4.0 through 7.4.5, FortiAnalyzer 7.2.0 through 7.2.9, FortiAnalyzer 7.0.0 through 7.0.13, FortiAnalyzer 6.4 …
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 …
An insufficient session expiration vulnerability [CWE-613] and an incorrect authorization vulnerability [CWE-863] in FortiIsolator 2.4.0 through 2.4.4, 2.3 all versions, 2.2.0, 2.1 all versions, 2.0 …
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain …
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in the configuration modules) …
OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to …
Free website and port scanning — find vulnerabilities before attackers do.