Search
Search Results (10627 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55694 | 1 Microsoft | 10 Windows, Windows 11, Windows 11 24h2 and 7 more | 2026-02-22 | 7.8 High |
| Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55240 | 1 Microsoft | 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more | 2026-02-22 | 7.3 High |
| Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-25004 | 1 Microsoft | 31 Powershell, Windows, Windows 10 and 28 more | 2026-02-22 | 7.3 High |
| Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59494 | 1 Microsoft | 2 Azure, Azure Monitor Agent | 2026-02-22 | 7.8 High |
| Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59280 | 1 Microsoft | 28 Windows, Windows 10, Windows 10 1507 and 25 more | 2026-02-22 | 3.1 Low |
| Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network. | ||||
| CVE-2025-59201 | 1 Microsoft | 26 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 23 more | 2026-02-22 | 7.8 High |
| Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59199 | 1 Microsoft | 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more | 2026-02-22 | 7.8 High |
| Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55340 | 1 Microsoft | 21 Remote Desktop Protocol, Windows, Windows 10 and 18 more | 2026-02-22 | 7 High |
| Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally. | ||||
| CVE-2025-55338 | 1 Microsoft | 26 Bitlocker, Windows, Windows 10 and 23 more | 2026-02-22 | 6.1 Medium |
| Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | ||||
| CVE-2025-47989 | 1 Microsoft | 3 Arc Enabled Servers Azure Connected Machine Agent, Azure, Azure Connected Machine Agent | 2026-02-22 | 7 High |
| Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24305 | 1 Microsoft | 2 Entra Id, Microsoft Entra Id | 2026-02-22 | 9.3 Critical |
| Azure Entra ID Elevation of Privilege Vulnerability | ||||
| CVE-2026-24306 | 1 Microsoft | 1 Azure Front Door | 2026-02-22 | 9.8 Critical |
| Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-24304 | 1 Microsoft | 1 Azure Resource Manager | 2026-02-22 | 9.9 Critical |
| Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-20949 | 1 Microsoft | 6 365 Apps, Office 2021, Office 2024 and 3 more | 2026-02-22 | 7.8 High |
| Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2026-20929 | 1 Microsoft | 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more | 2026-02-22 | 7.5 High |
| Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-20843 | 1 Microsoft | 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more | 2026-02-22 | 7.8 High |
| Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20960 | 1 Microsoft | 2 Power Apps, Power Apps Desktop Client | 2026-02-22 | 8 High |
| Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-20839 | 1 Microsoft | 22 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 19 more | 2026-02-22 | 5.5 Medium |
| Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-20825 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-02-22 | 4.4 Medium |
| Improper access control in Windows Hyper-V allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-20817 | 1 Microsoft | 14 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 11 more | 2026-02-22 | 7.8 High |
| Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | ||||