KB5071503: Windows Server 2012 R2 Security Update (December 2025)

The remote Windows host is missing security update 5071503. It is, therefore, affected by multiple vulnerabilities - Untrusted pointer dereference in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network. CVE-2025-62549 - Heap-based buffer...

EUVD-2013-1301

Malware in sbrugna...

EUVD-2024-37761

Malicious code in bioql PyPI...

EUVD-2022-29355

Malicious code in bioql PyPI...

CVE-2025-49733

CVE-2025-49733 is a local privilege escalation in Windows Win32K ICOMP due to a use-after-free condition. The vulnerability can be exploited locally by an authenticated user to obtain elevated privileges. Microsoft’s July 2025 security updates address this issue (driver/OS updates noted in KBs an...

CVE-2020-1247

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1251, CVE-2020-1253, CVE-2020-1310...

CVE-2020-0726

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723,...

CVE-2024-43636

CVE-2024-43636 is a Win32k local elevation-of-privilege vulnerability with a CVSSv3.1 base score 7.8 (LOCAL, LOW PRIVILEGES, NO USER INTERACTION; impacts HIGH across confidentiality, integrity, and availability). CONNECTED documents confirm Windows OS components (Win32k) are affected and that Mic...

Win32k Elevation of Privilege Vulnerability

...

Win32k Elevation of Privilege Vulnerability

...

CVE-2023-41772

Win32k Elevation of Privilege Vulnerability...

Win32k Elevation of Privilege Vulnerability

...

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20887 VMware Aria Operations for Networks Command Injection Vulnerability CVE-2020-35730 Roundcube Webmail Cross-Site Scripting XSS Vulnerability CVE-2020-1264...

Microsoft's May Patch Tuesday Fixes 38 Flaws, Including 2 Exploited Zero-Day Bugs

Microsoft has rolled out Patch Tuesday updates for May 2023 to address 38 security flaws, including two zero-day bugs that it said are being actively exploited in the wild. Trend Micro's Zero Day Initiative ZDI said the volume is the lowest since August 2021, although it pointed out that "this...

PT-2023-2467 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access control in the Win32k component of the Windows operating system. This can allow an attacker to elevate their privileges. There is no information...

CVE-2022-41092 Windows Win32k Elevation of Privilege Vulnerability

...

CVE-2022-24542 Windows Win32k Elevation of Privilege Vulnerability

...

CVE-2022-21882 Win32k Elevation of Privilege Vulnerability

...

CVE-2021-34449

Win32k Elevation of Privilege Vulnerability...

CVE-2021-1732

Windows Win32k Elevation of Privilege Vulnerability...