Common Vulnerabilities and Exposures (CVE)
CVE-2025-21376
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2025-21375
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2025-21369
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-21368
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-21352
Internet Connection Sharing (ICS) Denial of Service Vulnerability
CVE-2025-21351
Windows Active Directory Domain Services API Denial of Service Vulnerability
CVE-2025-21206
Visual Studio Installer Elevation of Privilege Vulnerability
CVE-2025-21188
Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
CVE-2022-43551
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provide...
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has bee...
CVE-2026-20646
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to read sensitive location information.
CVE-2026-20667
A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 26.3 and iPadOS 26.3. An app may be able to break out of its sandbox.
CVE-2025-29795
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.