Filtered by vendor Microsoft
Subscribe
Total
21800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-53722 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-18 | N/A | 7.5 HIGH |
| Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network. | |||||
| CVE-2025-53721 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-08-18 | N/A | 7.0 HIGH |
| Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-53720 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-08-18 | N/A | 8.0 HIGH |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-53719 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-08-18 | N/A | 5.7 MEDIUM |
| Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network. | |||||
| CVE-2025-53718 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-18 | N/A | 7.0 HIGH |
| Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-53716 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-08-18 | N/A | 6.5 MEDIUM |
| Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network. | |||||
| CVE-2025-53156 | 1 Microsoft | 3 Windows 11 24h2, Windows Server 2022 23h2, Windows Server 2025 | 2025-08-18 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-53155 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-18 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-53144 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-18 | N/A | 8.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-53145 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-18 | N/A | 8.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-53143 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-18 | N/A | 8.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-53726 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-18 | N/A | 7.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-53725 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-18 | N/A | 7.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-53724 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-18 | N/A | 7.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-53738 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-08-18 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53793 | 1 Microsoft | 1 Azure Stack Hub | 2025-08-18 | N/A | 7.5 HIGH |
| Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network. | |||||
| CVE-2025-53784 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-08-18 | N/A | 8.4 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53788 | 1 Microsoft | 1 Windows Subsystem For Linux | 2025-08-18 | N/A | 7.0 HIGH |
| Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-53779 | 1 Microsoft | 1 Windows Server 2025 | 2025-08-18 | N/A | 7.2 HIGH |
| Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-53765 | 1 Microsoft | 2 Azure App Service On Azure Stack, Azure Stack Hub | 2025-08-18 | N/A | 5.5 MEDIUM |
| Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally. | |||||