Total
33659 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55699 | 1 Microsoft | 25 Windows, Windows 10, Windows 10 1507 and 22 more | 2025-11-22 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-55694 | 1 Microsoft | 10 Windows, Windows 11, Windows 11 24h2 and 7 more | 2025-11-22 | 7.8 High |
| Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55692 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1507 and 24 more | 2025-11-22 | 7.8 High |
| Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55683 | 1 Microsoft | 8 Windows, Windows Server, Windows Server 2016 and 5 more | 2025-11-22 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-55679 | 1 Microsoft | 22 Windows, Windows 10, Windows 10 1809 and 19 more | 2025-11-22 | 5.1 Medium |
| Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-25004 | 1 Microsoft | 31 Powershell, Windows, Windows 10 and 28 more | 2025-11-22 | 7.3 High |
| Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59494 | 1 Microsoft | 2 Azure, Azure Monitor Agent | 2025-11-22 | 7.8 High |
| Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59294 | 1 Microsoft | 25 Windows, Windows 10, Windows 10 1507 and 22 more | 2025-11-22 | 2.1 Low |
| Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack. | ||||
| CVE-2025-59284 | 1 Microsoft | 12 Windows, Windows 11, Windows 11 22h2 and 9 more | 2025-11-22 | 3.3 Low |
| Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally. | ||||
| CVE-2025-59250 | 1 Microsoft | 10 Jdbc Driver For Sql Server, Jdbc Driver For Sql Server 10.2, Jdbc Driver For Sql Server 11.2 and 7 more | 2025-11-22 | 8.1 High |
| Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59249 | 1 Microsoft | 6 Exchange, Exchange Server, Exchange Server 2016 and 3 more | 2025-11-22 | 8.8 High |
| Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-59228 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2025-11-22 | 8.8 High |
| Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-59199 | 1 Microsoft | 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more | 2025-11-22 | 7.8 High |
| Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59186 | 1 Microsoft | 6 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 3 more | 2025-11-22 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-58716 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2025-11-22 | 8.8 High |
| Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55336 | 1 Microsoft | 22 Windows, Windows 10, Windows 10 1809 and 19 more | 2025-11-22 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-53782 | 1 Microsoft | 4 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 1 more | 2025-11-22 | 8.4 High |
| Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2014-0546 | 2 Adobe, Microsoft | 3 Acrobat, Acrobat Reader, Windows | 2025-11-22 | 8.8 High |
| Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors. | ||||
| CVE-2025-12907 | 1 Google | 1 Chrome | 2025-11-21 | 8.8 High |
| Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low) | ||||
| CVE-2025-12908 | 1 Google | 2 Android, Chrome | 2025-11-21 | 5.4 Medium |
| Insufficient validation of untrusted input in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||