314 matches found
CVE-2025-24055
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack.
CVE-2025-24066
Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
CVE-2025-26668
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-21221
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-21247
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-21319
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-24992
Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.
CVE-2025-26672
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-27471
Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.
CVE-2025-27473
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
CVE-2025-27732
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2025-21233
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21316
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21338
GDI+ Remote Code Execution Vulnerability
CVE-2025-21371
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-24988
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
CVE-2025-27484
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.
CVE-2025-21210
Windows BitLocker Information Disclosure Vulnerability
CVE-2025-21228
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21231
IP Helper Denial of Service Vulnerability
CVE-2025-24067
Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
CVE-2025-21244
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-24051
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-26670
Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network.
CVE-2025-21197
Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.
CVE-2025-21202
Windows Recovery Environment Agent Elevation of Privilege Vulnerability
CVE-2025-21290
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21359
Windows Kernel Security Feature Bypass Vulnerability
CVE-2025-24046
Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
CVE-2025-26637
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2025-26663
Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network.
CVE-2025-27738
Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.
CVE-2025-21237
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-24996
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-26665
Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.
CVE-2025-26686
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
CVE-2025-27735
Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
CVE-2025-21252
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21282
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21294
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-21296
BranchCache Remote Code Execution Vulnerability
CVE-2025-24044
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVE-2025-27477
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-27741
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
CVE-2025-24056
Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.
CVE-2025-26679
Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally.
CVE-2025-29966
Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.
CVE-2025-21205
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-26669
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-27472
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.