) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2025-24987 |
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. Published: March 11, 2025; 1:16:34 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0:(not available) |
| CVE-2025-24986 |
Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network. Published: March 11, 2025; 1:16:34 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2025-24985 |
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:34 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24984 |
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. Published: March 11, 2025; 1:16:34 PM -0400 |
V4.0:(not available) V3.1: 4.6 MEDIUM V2.0:(not available) |
| CVE-2025-24983 |
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:33 PM -0400 |
V4.0:(not available) V3.1: 7.0 HIGH V2.0:(not available) |
| CVE-2025-24084 |
Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:33 PM -0400 |
V4.0:(not available) V3.1: 8.4 HIGH V2.0:(not available) |
| CVE-2025-24083 |
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:33 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24082 |
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:33 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24081 |
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:32 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24080 |
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:31 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24079 |
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:31 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24078 |
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:30 PM -0400 |
V4.0:(not available) V3.1: 7.0 HIGH V2.0:(not available) |
| CVE-2025-24077 |
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:30 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24076 |
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:30 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
| CVE-2025-24075 |
Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Published: March 11, 2025; 1:16:30 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24072 |
Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:30 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24071 |
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. Published: March 11, 2025; 1:16:29 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2025-24070 |
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. Published: March 11, 2025; 1:16:29 PM -0400 |
V4.0:(not available) V3.1: 7.0 HIGH V2.0:(not available) |
| CVE-2025-24067 |
Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:29 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2025-24066 |
Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. Published: March 11, 2025; 1:16:29 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |