CVE-2025-27484

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

CVE-2025-21210

Windows BitLocker Information Disclosure Vulnerability

CVE-2025-21212

Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21228

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21231

IP Helper Denial of Service Vulnerability

CVE-2025-24067

Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

CVE-2025-21244

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-24051

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-26670

Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network.

CVE-2025-21197

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

CVE-2025-21202

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

CVE-2025-21290

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21359

Windows Kernel Security Feature Bypass Vulnerability

CVE-2025-24046

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

CVE-2025-26637

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2025-26639

Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-26663

Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network.

CVE-2025-26675

Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

CVE-2025-27738

Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.

CVE-2025-21235

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

CVE-2025-21237

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21330

Windows Remote Desktop Services Denial of Service Vulnerability

CVE-2025-24050

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.

CVE-2025-24996

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-26665

Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.

CVE-2025-26686

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

CVE-2025-27735

Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

CVE-2025-21234

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

CVE-2025-21252

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21282

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21294

Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21296

BranchCache Remote Code Execution Vulnerability

CVE-2025-24044

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

CVE-2025-27477

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

CVE-2025-24056

Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.

CVE-2025-26666

Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.

CVE-2025-26674

Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.

CVE-2025-26679

Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally.

CVE-2025-29811

Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.

CVE-2025-29966

Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.

CVE-2025-21205

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

CVE-2025-21291

Windows Direct Show Remote Code Execution Vulnerability

CVE-2025-26669

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-27737

Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.

CVE-2025-21224

Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

CVE-2025-21265

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21281

Microsoft COM for Windows Elevation of Privilege Vulnerability

CVE-2025-21320

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-24072

Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.

CVE-2025-24073

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.