Windows Server 2012 Security Vulnerabilities and Issues — Page 70 of Windows Server 2012 CVE List

7.8CVSS7AI score0.00049EPSS

CVE-2025-47976

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00067EPSS

CVE-2025-47996

Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.8AI score0.00067EPSS

CVE-2025-48816

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.

7.1CVSS6.5AI score0.0024EPSS

CVE-2025-48819

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

CVE-2025-48824

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-49657

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

5.5CVSS6.1AI score0.00042EPSS

CVE-2025-49658

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.

7.8CVSS7AI score0.00049EPSS

CVE-2025-49660

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00049EPSS

CVE-2025-49661

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2025-49663

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

7.8CVSS6.6AI score0.00049EPSS

CVE-2025-49667

Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVE-2025-49673

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

7.8CVSS6.5AI score0.00122EPSS

CVE-2025-49679

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.

6.5CVSS6.2AI score0.00058EPSS

CVE-2025-49681

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

7.8CVSS7.2AI score0.00078EPSS

CVE-2025-49683

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.

5.5CVSS6.2AI score0.00042EPSS

CVE-2025-49684

Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.

7.8CVSS6.5AI score0.00049EPSS

CVE-2025-49686

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

7.8CVSS6.8AI score0.00078EPSS

CVE-2025-49689

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

5.7CVSS6.5AI score0.00315EPSS

CVE-2025-49722

Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.

CVE•added 2025/07/08 5:16 p.m.•15 views

CVE-2025-49727

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

7CVSS7AI score0.00045EPSS

CVE•added 2025/07/08 5:16 p.m.•15 views

CVE-2025-49742

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.

7.8CVSS7.1AI score0.00067EPSS

CVE•added 2025/07/08 5:16 p.m.•15 views

CVE-2025-49753

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

7.8CVSS6.5AI score0.00062EPSS

CVE-2025-47973

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

7CVSS6.6AI score0.00045EPSS

CVE-2025-47975

Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7.3AI score0.00049EPSS

CVE-2025-48806

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

7.1CVSS7AI score0.00265EPSS

CVE-2025-48821

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

5.5CVSS6AI score0.00058EPSS

CVE-2025-49664

Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.

7.8CVSS6.7AI score0.00044EPSS

CVE-2025-49665

Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.

6.5CVSS6.1AI score0.00077EPSS

CVE-2025-49671

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-49672

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-49676

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS6.4AI score0.00049EPSS

CVE-2025-49687

Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

8.8CVSS7.1AI score0.00065EPSS

CVE-2025-49688

Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.