Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
34,278 matching · page 242/686Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-54911(opens NVD record) | High | 7.3 | Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54910(opens NVD record) | High | 8.4 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54908(opens NVD record) | High | 7.8 | Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54907(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54906(opens NVD record) | High | 7.8 | Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54905(opens NVD record) | High | 7.1 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | Sep 9, 2025 |
| CVE-2025-54904(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54903(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54902(opens NVD record) | High | 7.8 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54901(opens NVD record) | Medium | 5.5 | Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | Sep 9, 2025 |
| CVE-2025-54900(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54899(opens NVD record) | High | 7.8 | Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54898(opens NVD record) | High | 7.8 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54897(opens NVD record) | High | 8.8 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | Sep 9, 2025 |
| CVE-2025-54896(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Sep 9, 2025 |
| CVE-2025-54895(opens NVD record) | High | 7.8 | Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54894(opens NVD record) | High | 7.8 | Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | Sep 9, 2025 |
| CVE-2025-54116(opens NVD record) | High | 7.3 | Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54115(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54114(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54113(opens NVD record) | High | 8.8 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | Sep 9, 2025 |
| CVE-2025-54112(opens NVD record) | High | 7.0 | Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54111(opens NVD record) | High | 7.8 | Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54110(opens NVD record) | High | 8.8 | Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54109(opens NVD record) | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54108(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54107(opens NVD record) | Medium | 4.3 | Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | Sep 9, 2025 |
| CVE-2025-54106(opens NVD record) | High | 8.8 | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | Sep 9, 2025 |
| CVE-2025-54105(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54104(opens NVD record) | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54103(opens NVD record) | High | 7.4 | Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54102(opens NVD record) | High | 7.8 | Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54101(opens NVD record) | Medium | 4.8 | Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network. | Sep 9, 2025 |
| CVE-2025-54099(opens NVD record) | High | 7.0 | Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54098(opens NVD record) | High | 7.8 | Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54097(opens NVD record) | Medium | 6.5 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | Sep 9, 2025 |
| CVE-2025-54096(opens NVD record) | Medium | 6.5 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | Sep 9, 2025 |
| CVE-2025-54095(opens NVD record) | Medium | 6.5 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | Sep 9, 2025 |
| CVE-2025-54094(opens NVD record) | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54093(opens NVD record) | High | 7.0 | Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54092(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-54091(opens NVD record) | High | 7.8 | Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-53810(opens NVD record) | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-53809(opens NVD record) | Medium | 6.5 | Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network. | Sep 9, 2025 |
| CVE-2025-53808(opens NVD record) | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-53807(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | Sep 9, 2025 |
| CVE-2025-53806(opens NVD record) | Medium | 6.5 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | Sep 9, 2025 |
| CVE-2025-53805(opens NVD record) | High | 7.5 | Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network. | Sep 9, 2025 |
| CVE-2025-53804(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | Sep 9, 2025 |
| CVE-2025-53803(opens NVD record) | Medium | 5.5 | Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally. | Sep 9, 2025 |