Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
18,100 matching · page 288/362Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-29801(opens NVD record) | High | 7.8 | Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-29800(opens NVD record) | High | 7.8 | Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-29794(opens NVD record) | High | 8.8 | Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | Apr 8, 2025 |
| CVE-2025-29793(opens NVD record) | High | 7.2 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | Apr 8, 2025 |
| CVE-2025-29792(opens NVD record) | High | 7.3 | Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-29791(opens NVD record) | High | 7.8 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27752(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27751(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27750(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27749(opens NVD record) | High | 7.8 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27748(opens NVD record) | High | 7.8 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27747(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27746(opens NVD record) | High | 7.8 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27745(opens NVD record) | High | 7.8 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27744(opens NVD record) | High | 7.8 | Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27743(opens NVD record) | High | 7.8 | Untrusted search path in System Center allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27742(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally. | Apr 8, 2025 |
| CVE-2025-27741(opens NVD record) | High | 7.8 | Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27740(opens NVD record) | High | 8.8 | Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network. | Apr 8, 2025 |
| CVE-2025-27739(opens NVD record) | High | 7.8 | Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27738(opens NVD record) | Medium | 6.5 | Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network. | Apr 8, 2025 |
| CVE-2025-27737(opens NVD record) | High | 8.6 | Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally. | Apr 8, 2025 |
| CVE-2025-27736(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally. | Apr 8, 2025 |
| CVE-2025-27735(opens NVD record) | Medium | 6.0 | Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally. | Apr 8, 2025 |
| CVE-2025-27733(opens NVD record) | High | 7.8 | Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27732(opens NVD record) | High | 7.0 | Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27731(opens NVD record) | High | 7.8 | Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27730(opens NVD record) | High | 7.8 | Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27729(opens NVD record) | High | 7.8 | Use after free in Windows Shell allows an unauthorized attacker to execute code locally. | Apr 8, 2025 |
| CVE-2025-27728(opens NVD record) | High | 7.8 | Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27727(opens NVD record) | High | 7.8 | Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27492(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27491(opens NVD record) | High | 7.1 | Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network. | Apr 8, 2025 |
| CVE-2025-27490(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27489(opens NVD record) | High | 7.8 | Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27487(opens NVD record) | High | 8.0 | Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network. | Apr 8, 2025 |
| CVE-2025-27486(opens NVD record) | High | 7.5 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | Apr 8, 2025 |
| CVE-2025-27485(opens NVD record) | High | 7.5 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | Apr 8, 2025 |
| CVE-2025-27484(opens NVD record) | High | 7.5 | Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network. | Apr 8, 2025 |
| CVE-2025-27483(opens NVD record) | High | 7.8 | Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27482(opens NVD record) | High | 8.1 | Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. | Apr 8, 2025 |
| CVE-2025-27481(opens NVD record) | High | 8.8 | Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | Apr 8, 2025 |
| CVE-2025-27480(opens NVD record) | High | 8.1 | Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. | Apr 8, 2025 |
| CVE-2025-27479(opens NVD record) | High | 7.5 | Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network. | Apr 8, 2025 |
| CVE-2025-27478(opens NVD record) | High | 7.0 | Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27477(opens NVD record) | High | 8.8 | Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | Apr 8, 2025 |
| CVE-2025-27476(opens NVD record) | High | 7.8 | Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27475(opens NVD record) | High | 7.0 | Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally. | Apr 8, 2025 |
| CVE-2025-27474(opens NVD record) | Medium | 6.5 | Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | Apr 8, 2025 |
| CVE-2025-27473(opens NVD record) | High | 7.5 | Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network. | Apr 8, 2025 |