257 matches found
CVE-2025-21298
Windows OLE Remote Code Execution Vulnerability
CVE-2025-29824
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-29974
Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.
CVE-2025-21337
Windows NTFS Elevation of Privilege Vulnerability
CVE-2025-21189
MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-24983
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVE-2025-21418
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-26633
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-33053
External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.
CVE-2025-24054
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-21181
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21413
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-24985
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
CVE-2025-21230
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-24993
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
CVE-2025-24991
Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
CVE-2025-33073
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
CVE-2025-21302
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21263
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-30397
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
CVE-2025-21341
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21327
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-32706
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-32701
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-21245
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21310
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21417
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21260
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21273
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21204
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
CVE-2025-21329
MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21377
NTLM Hash Disclosure Spoofing Vulnerability
CVE-2025-21303
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21286
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21332
MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21376
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2025-21369
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-29810
Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
CVE-2025-21208
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-21251
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21297
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-26647
Improper input validation in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-26671
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVE-2025-21226
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21242
Windows Kerberos Information Disclosure Vulnerability
CVE-2025-21191
Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
CVE-2025-21295
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
CVE-2025-21307
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
CVE-2025-21419
Windows Setup Files Cleanup Elevation of Privilege Vulnerability
CVE-2025-21270
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability