Total
166 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-20857 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2026-01-15 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-20819 | 1 Microsoft | 3 Windows 11 23h2, Windows 11 24h2, Windows 11 25h2 | 2026-01-14 | N/A | 5.5 MEDIUM |
| Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally. | |||||
| CVE-2026-20811 | 1 Microsoft | 6 Windows 11 23h2, Windows 11 24h2, Windows 11 25h2 and 3 more | 2026-01-14 | N/A | 7.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-20955 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2026-01-14 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-20956 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-01-14 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-47343 | 1 Qualcomm | 50 Cologne, Cologne Firmware, Fastconnect 6700 and 47 more | 2026-01-12 | N/A | 7.8 HIGH |
| Memory corruption while processing a video session to set video parameters. | |||||
| CVE-2025-52516 | 1 Samsung | 12 Exynos 1330, Exynos 1330 Firmware, Exynos 1380 and 9 more | 2026-01-09 | N/A | 6.2 MEDIUM |
| An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service. | |||||
| CVE-2024-23136 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-12-31 | N/A | 7.8 HIGH |
| A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. | |||||
| CVE-2025-62549 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2025-12-24 | N/A | 8.8 HIGH |
| Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-47325 | 1 Qualcomm | 88 Csr8811, Csr8811 Firmware, Ipq8070 and 85 more | 2025-12-23 | N/A | 6.5 MEDIUM |
| Information disclosure while processing system calls with invalid parameters. | |||||
| CVE-2025-62556 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-12-10 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62560 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-12-10 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62561 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-12-10 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-20090 | 1 Intel | 1 Quickassist Technology | 2025-12-05 | N/A | 5.5 MEDIUM |
| Untrusted Pointer Dereference for some Intel(R) QuickAssist Technology software before version 2.5.0 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2025-27710 | 1 Intel | 1 Quickassist Technology | 2025-11-26 | N/A | 6.5 MEDIUM |
| Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | |||||
| CVE-2025-32446 | 1 Intel | 1 Quickassist Technology | 2025-11-26 | N/A | 6.5 MEDIUM |
| Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | |||||
| CVE-2025-54114 | 1 Microsoft | 10 Windows 10 1607, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-11-21 | N/A | 7.0 HIGH |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24990 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-11-18 | N/A | 7.8 HIGH |
| Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware. | |||||
| CVE-2025-60728 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-11-17 | N/A | 4.3 MEDIUM |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. | |||||
| CVE-2025-62200 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-11-17 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||