Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-58732 2025-10-14 HIGH 7.0 Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2025-58731 2025-10-14 HIGH 7.0 Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2025-58730 2025-10-14 HIGH 7.0 Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2025-58729 2025-10-14 MEDIUM 6.5 Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.
CVE-2025-58728 2025-10-14 HIGH 7.8 Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVE-2025-58727 2025-10-14 HIGH 7.0 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
CVE-2025-58726 2025-10-14 HIGH 7.5 Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2025-58725 2025-10-14 HIGH 7.0 Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally.
CVE-2025-58724 2025-10-14 HIGH 7.8 Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2025-58722 2025-10-14 HIGH 7.8 Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally.
CVE-2025-58720 2025-10-14 HIGH 7.8 Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.
CVE-2025-58719 2025-10-14 MEDIUM 4.7 Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.
CVE-2025-58718 2025-10-14 HIGH 8.8 Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-58717 2025-10-14 MEDIUM 6.5 Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-58716 2025-10-14 HIGH 8.8 Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
CVE-2025-58715 2025-10-14 HIGH 8.8 Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
CVE-2025-58714 2025-10-14 HIGH 7.8 Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2025-55701 2025-10-14 HIGH 7.8 Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally.
CVE-2025-55700 2025-10-14 MEDIUM 6.5 Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-55699 2025-10-14 MEDIUM 5.5 Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2025-55698 2025-10-14 HIGH 7.7 Null pointer dereference in Windows DirectX allows an authorized attacker to deny service over a network.
CVE-2025-55697 2025-10-14 HIGH 7.8 Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally.
CVE-2025-55696 2025-10-14 HIGH 7.8 Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally.
CVE-2025-55695 2025-10-14 MEDIUM 5.5 Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally.
CVE-2025-55694 2025-10-14 HIGH 7.8 Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
CVE-2025-55693 2025-10-14 HIGH 7.4 Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
CVE-2025-55692 2025-10-14 HIGH 7.8 Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
CVE-2025-55691 2025-10-14 HIGH 7.0 Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55690 2025-10-14 HIGH 7.0 Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55689 2025-10-14 HIGH 7.0 Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55688 2025-10-14 HIGH 7.0 Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55687 2025-10-14 HIGH 7.4 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS) allows an unauthorized attacker to elevate privileges locally.
CVE-2025-55686 2025-10-14 HIGH 7.0 Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55685 2025-10-14 HIGH 7.0 Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55684 2025-10-14 HIGH 7.0 Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-55683 2025-10-14 MEDIUM 5.5 Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2025-55682 2025-10-14 MEDIUM 6.1 Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2025-55681 2025-10-14 HIGH 7.0 Out-of-bounds read in Windows DWM allows an authorized attacker to elevate privileges locally.
CVE-2025-55680 2025-10-14 HIGH 7.8 Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-55679 2025-10-14 MEDIUM 5.1 Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally.
CVE-2025-55678 2025-10-14 HIGH 7.0 Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.
CVE-2025-55677 2025-10-14 HIGH 7.8 Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
CVE-2025-55676 2025-10-14 MEDIUM 5.5 Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally.
CVE-2025-55340 2025-10-14 HIGH 7.0 Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
CVE-2025-55339 2025-10-14 HIGH 7.8 Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally.
CVE-2025-55338 2025-10-14 MEDIUM 6.1 Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2025-55337 2025-10-14 MEDIUM 6.1 Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2025-55336 2025-10-14 MEDIUM 5.5 Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally.
CVE-2025-55335 2025-10-14 HIGH 7.4 Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
CVE-2025-55334 2025-10-14 MEDIUM 6.2 Cleartext storage of sensitive information in Windows Kernel allows an unauthorized attacker to bypass a security feature locally.
« Anterior Página 88 de 3644 Siguiente »