Export limit exceeded: 344198 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (7988 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47991 | 1 Microsoft | 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more | 2026-02-13 | 7.8 High |
| Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49677 | 1 Microsoft | 2 Windows 11 22h2, Windows 11 22h2 | 2026-02-13 | 7 High |
| Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-47976 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1507 and 24 more | 2026-02-13 | 7.8 High |
| Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53784 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2026-02-13 | 8.4 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53740 | 1 Microsoft | 12 365, 365 Apps, Office and 9 more | 2026-02-13 | 8.4 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53738 | 1 Microsoft | 14 365, 365 Apps, Office and 11 more | 2026-02-13 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53734 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2026-02-13 | 7.8 High |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53721 | 1 Microsoft | 20 Server, Windows, Windows 10 1809 and 17 more | 2026-02-13 | 7 High |
| Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53718 | 1 Microsoft | 27 Windows, Windows 10 1507, Windows 10 1607 and 24 more | 2026-02-13 | 7 High |
| Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53152 | 1 Microsoft | 24 Server, Windows, Windows 10 1507 and 21 more | 2026-02-13 | 7.8 High |
| Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally. | ||||
| CVE-2025-53147 | 1 Microsoft | 27 Windows, Windows 10 1507, Windows 10 1607 and 24 more | 2026-02-13 | 7 High |
| Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53137 | 1 Microsoft | 27 Windows, Windows 10 1507, Windows 10 1607 and 24 more | 2026-02-13 | 7 High |
| Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50159 | 1 Microsoft | 26 Windows, Windows 10, Windows 10 1507 and 23 more | 2026-02-13 | 7.3 High |
| Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50153 | 1 Microsoft | 25 Server, Windows, Windows 10 and 22 more | 2026-02-13 | 7.8 High |
| Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49743 | 1 Microsoft | 29 Windows, Windows 10, Windows 10 1507 and 26 more | 2026-02-13 | 6.7 Medium |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53761 | 1 Microsoft | 11 365, 365 Apps, Office and 8 more | 2026-02-13 | 7.8 High |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53730 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2026-02-13 | 7.8 High |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-57785 | 2 Hiawatha, Hiawatha.leisink | 2 Web Server, Hiawatha Webserver | 2026-02-13 | 6.5 Medium |
| A Double Free in XSLT `show_index` has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution. | ||||
| CVE-2026-20026 | 1 Cisco | 3 Secure Firewall Threat Defense, Snort, Utd Snort Ips Engine Software | 2026-02-12 | 5.8 Medium |
| Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer use-after-free read. An attacker could exploit this vulnerability by sending a large number of DCE/RPC requests through an established connection that is inspected by Snort 3. A successful exploit could allow the attacker to unexpectedly restart the Snort 3 Detection Engine, which could cause a denial of service (DoS). | ||||
| CVE-2025-0031 | 1 Amd | 9 Epyc 7003 Series Processors, Epyc 8004 Series Processors, Epyc 9004 Series Processors and 6 more | 2026-02-12 | N/A |
| A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity. | ||||