Microsoft

Windows

85 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-59033

  • EPSS 0.04%
  • Published 08.09.2025 00:00:00
  • Last modified 08.09.2025 18:15:34

The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. On systems that do not have hypervisor-protected code integrity (HVCI) enabled, entries that specify only the to-be-signed (TBS) part of ...

0

CVE-2022-50238

  • EPSS 0.02%
  • Published 08.09.2025 00:00:00
  • Last modified 08.09.2025 16:25:38

The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expect...

7.8

CVE-2025-9491

Media report
  • EPSS 0.35%
  • Published 26.08.2025 16:25:15
  • Last modified 03.09.2025 17:31:33

Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vul...

8.8

CVE-2025-34091

  • EPSS 0%
  • Published 02.07.2025 19:25:27
  • Last modified 24.07.2025 07:15:53

Rejected reason: Neither filed by Chrome nor a valid security vulnerability.

6.5

CVE-2025-21197

  • EPSS 0.12%
  • Published 08.04.2025 17:23:36
  • Last modified 10.07.2025 15:52:05

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

6.5

CVE-2022-40733

Exploit
  • EPSS 0.18%
  • Published 18.12.2024 23:15:07
  • Last modified 26.08.2025 16:09:46

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specia...

7.5

CVE-2022-40732

Exploit
  • EPSS 0.18%
  • Published 18.12.2024 23:15:07
  • Last modified 26.08.2025 16:11:12

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specia...

6.7

CVE-2024-30164

  • EPSS 0.04%
  • Published 28.05.2024 17:15:10
  • Last modified 21.11.2024 09:11:20

Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resol...

0

CVE-2017-20190

  • EPSS 0.1%
  • Published 27.03.2024 00:15:07
  • Last modified 21.11.2024 03:22:50

Some Microsoft technologies as used in Windows 8 through 11 allow a temporary client-side performance degradation during processing of multiple Unicode combining characters, aka a "Zalgo text" attack. NOTE: third parties dispute whether the computati...

7

CVE-2022-0280

  • EPSS 0.15%
  • Published 10.03.2022 23:15:08
  • Last modified 21.11.2024 06:38:17

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files bein...