Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20742 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7603, Mt7615 and 7 more | 2026-02-26 | 8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00432680; Issue ID: MSV-3949. | ||||
| CVE-2025-58715 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-26 | 8.8 High |
| Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20743 | 2 Google, Mediatek | 54 Android, Mt2718, Mt6761 and 51 more | 2026-02-26 | 4.2 Medium |
| In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651. | ||||
| CVE-2025-58716 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-26 | 8.8 High |
| Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20744 | 2 Google, Mediatek | 4 Android, Mt6899, Mt6991 and 1 more | 2026-02-26 | 4.2 Medium |
| In pda, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10127160; Issue ID: MSV-4542. | ||||
| CVE-2025-58719 | 1 Microsoft | 20 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 17 more | 2026-02-26 | 4.7 Medium |
| Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20745 | 2 Google, Mediatek | 10 Android, Mt2718, Mt6989 and 7 more | 2026-02-26 | 4.2 Medium |
| In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10095441; Issue ID: MSV-4294. | ||||
| CVE-2025-58722 | 1 Microsoft | 20 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 17 more | 2026-02-26 | 7.8 High |
| Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20729 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | 4.2 Medium |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441512; Issue ID: MSV-4153. | ||||
| CVE-2025-58728 | 1 Microsoft | 23 Windows, Windows 10, Windows 10 1809 and 20 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-58732 | 1 Microsoft | 29 Windows, Windows 10, Windows 10 1507 and 26 more | 2026-02-26 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-58735 | 1 Microsoft | 26 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 23 more | 2026-02-26 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59196 | 1 Microsoft | 26 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 23 more | 2026-02-26 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20736 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | 6.7 Medium |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435347; Issue ID: MSV-4049. | ||||
| CVE-2025-59199 | 1 Microsoft | 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more | 2026-02-26 | 7.8 High |
| Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20738 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | 6.7 Medium |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435342; Issue ID: MSV-4039. | ||||
| CVE-2025-59201 | 1 Microsoft | 26 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 23 more | 2026-02-26 | 7.8 High |
| Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20739 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | 6.7 Medium |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435340; Issue ID: MSV-4038. | ||||
| CVE-2025-59202 | 1 Microsoft | 22 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 19 more | 2026-02-26 | 7 High |
| Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20746 | 6 Google, Linuxfoundation, Mediatek and 3 more | 23 Android, Yocto, Mt2718 and 20 more | 2026-02-26 | 6.7 Medium |
| In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010441; Issue ID: MSV-3967. | ||||