CVE-2025-60720

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally...

CVE-2025-60713

Untrusted pointer dereference in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...

EUVD-2025-93419

Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally...

CVE-2025-62217

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

EUVD-2025-93425

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally...

CVE-2025-60722

Improper limitation of a pathname to a restricted directory 'path traversal' in OneDrive for Android allows an authorized attacker to elevate privileges over a network...

EUVD-2025-93436

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

CVE-2025-60707 Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege Vulnerability

...

CVE-2025-60705

Improper access control in Windows Client-Side Caching CSC Service allows an authorized attacker to elevate privileges locally...

CVE-2025-59512

Improper access control in Customer Experience Improvement Program CEIP allows an authorized attacker to elevate privileges locally...

EUVD-2025-93445

Improper access control in Customer Experience Improvement Program CEIP allows an authorized attacker to elevate privileges locally...

CVE-2025-59507

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech allows an authorized attacker to elevate privileges locally...

CVE-2025-59506

Technical details about CVE-2025-59506 are not provided in the supplied connected Microsoft KB/MSRC materials. The CVE entry here notes a race condition in Windows DirectX with local privilege escalation. Monitor for official patch/regression details from Microsoft.

Windows Kernel Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kernel allows an authorized attacker to elevate privileges locally...

Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally...

Windows Speech Recognition Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech allows an authorized attacker to elevate privileges locally...

Windows Administrator Protection Elevation of Privilege Vulnerability

Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally...

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

Windows Remote Desktop Services Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...

Intel UEFI Integrator Tools 安全漏洞

Intel UEFI Integrator Tools is a firmware integration tool from Intel Corporation USA. A security vulnerability exists in Intel UEFI Integrator Tools that originates from active debugging code in the kernel and could lead to a denial of service and elevation of privilege...