CVE-2025-27467

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally...

CVE-2025-27739

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVE-2025-27475

Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally...

CVE-2025-27743

Untrusted search path in System Center allows an authorized attacker to elevate privileges locally...

CVE-2025-24062

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

CVE-2025-24074

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

CVE-2025-26688

Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...

CVE-2025-26639

Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally...

CVE-2025-20947

Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability...

CVE-2025-20940

Improper handling of insufficient permission in Samsung Device Health Manager Service prior to SMR Apr-2025 Release 1 allows local attackers to access provider in SDMHS...

CVE-2025-29988

Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution...

CBL Mariner 2.0 Security Update: augeas (CVE-2025-2588)

The version of augeas installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2588 advisory. - A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability...

CVE-2025-29822

Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally...

CVE-2025-29804

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...

CVE-2025-29792

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...

CVE-2025-27733

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally...

CVE-2025-27492

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Secure Channel allows an authorized attacker to elevate privileges locally...

CVE-2025-27727

Improper link resolution before file access 'link following' in Windows Installer allows an authorized attacker to elevate privileges locally...

CVE-2025-27483

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally...

CVE-2025-27467

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally...