Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,916
Quick preset (or use dates below)
Clear Filters
Showing 10,001 - 10,020 of 14,108 CVEs
CVE-2026-25177 HIGH - 8.8

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-25176 HIGH - 7.8

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-25175 HIGH - 7.8

Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-25174 HIGH - 7.8

Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-25173 HIGH - 8.0

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-25172 HIGH - 8.8

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_server_2012
Published: Mar 10, 2026
Source: NVD
CVE-2026-25171 HIGH - 7.0

Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-25170 HIGH - 7.0

Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_23h2
Published: Mar 10, 2026
Source: NVD
CVE-2026-25167 HIGH - 7.4

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: Mar 10, 2026
Source: NVD
CVE-2026-25166 HIGH - 7.8

Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-25165 HIGH - 7.8

Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24296 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24295 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24294 HIGH - 7.8

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24293 HIGH - 7.8

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_21h2
Published: Mar 10, 2026
Source: NVD
CVE-2026-24292 HIGH - 7.8

Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Mar 10, 2026
Source: NVD
CVE-2026-24291 HIGH - 7.8

Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24290 HIGH - 7.8

Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Mar 10, 2026
Source: NVD
CVE-2026-24289 HIGH - 7.8

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24287 HIGH - 7.8

External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Mar 10, 2026
Source: NVD