Total
191 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-43631 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 22h2 and 5 more | 2025-07-08 | 6.7 Medium |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | ||||
| CVE-2024-43553 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 7.4 High |
| NT OS Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2024-37983 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-08 | 6.7 Medium |
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | ||||
| CVE-2024-37979 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2025-07-08 | 6.7 Medium |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2024-37982 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-08 | 6.7 Medium |
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | ||||
| CVE-2024-43529 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2025-07-08 | 7.3 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2024-43516 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | 7.8 High |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | ||||
| CVE-2023-43532 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2025-06-17 | 8.4 High |
| Memory corruption while reading ACPI config through the user mode app. | ||||
| CVE-2023-34333 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 7.8 High |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-34332 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 7.8 High |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2024-20680 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-06-09 | 6.5 Medium |
| Windows Message Queuing Client (MSMQC) Information Disclosure | ||||
| CVE-2024-20663 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-06-03 | 6.5 Medium |
| Windows Message Queuing Client (MSMQC) Information Disclosure | ||||
| CVE-2023-36011 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-05-22 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2023-27342 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-20 | 7.8 High |
| PDF-XChange Editor EMF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18766. | ||||
| CVE-2023-39501 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-19 | 7.8 High |
| PDF-XChange Editor OXPS File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OXPS files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20034. | ||||
| CVE-2023-40471 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-19 | 7.8 High |
| PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of App objects. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20729. | ||||
| CVE-2023-40472 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-19 | 7.8 High |
| PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of strings. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20730. | ||||
| CVE-2025-20018 | 2025-05-16 | 8.4 High | ||
| Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-22464 | 1 Ivanti | 1 Endpoint Manager | 2025-05-16 | 6.1 Medium |
| An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition. | ||||
| CVE-2024-49090 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||