2351 matches found
CVE-2025-29840
Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
CVE-2025-29962
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
CVE-2025-33061
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-29841
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
CVE-2025-29964
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
CVE-2025-32725
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
CVE-2025-33056
Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network.
CVE-2025-33060
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2024-43534
Windows Graphics Component Information Disclosure Vulnerability
CVE-2024-49107
WmsRepair Service Elevation of Privilege Vulnerability
CVE-2025-21352
Internet Connection Sharing (ICS) Denial of Service Vulnerability
CVE-2025-29967
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
CVE-2025-30388
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2025-32712
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2025-33064
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2022-40732
An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot....
CVE-2025-33062
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-21248
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-29842
Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-21389
Windows upnphost.dll Denial of Service Vulnerability
CVE-2025-29833
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally.
CVE-2025-24065
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-27468
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
CVE-2025-29829
Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.
CVE-2025-29835
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29836
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-32718
Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally.
CVE-2025-32719
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-47981
Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
CVE-2025-49740
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-29839
Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.
CVE-2025-29959
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29963
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
CVE-2025-33063
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-29960
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-21331
Windows Installer Elevation of Privilege Vulnerability
CVE-2025-29961
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29968
Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.
CVE-2025-32713
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-29832
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29957
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.
CVE-2025-30385
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-32721
Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-33057
Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.
CVE-2025-48817
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-29830
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29958
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-32716
Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.
CVE-2025-33058
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-48000
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.