CVE-2025-29837

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.

CVE-2023-36005

Windows Telephony Server Elevation of Privilege Vulnerability

CVE-2023-36696

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE-2024-38234

Windows Networking Denial of Service Vulnerability

CVE-2024-38252

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

CVE-2025-21272

Windows COM Server Information Disclosure Vulnerability

CVE-2025-33067

Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

CVE-2024-43640

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2025-21207

Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability

CVE-2025-21220

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2025-21249

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21411

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-29828

Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.

CVE-2024-43581

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

CVE-2025-26634

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.

CVE-2025-32722

Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.

CVE-2024-43593

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2025-21218

Windows Kerberos Denial of Service Vulnerability

CVE-2025-21301

Windows Geolocation Service Information Disclosure Vulnerability

CVE-2025-32715

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

CVE-2025-33055

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-21193

Active Directory Federation Server Spoofing Vulnerability

CVE-2024-38235

Windows Hyper-V Denial of Service Vulnerability

CVE-2025-21257

Windows WLAN AutoConfig Service Information Disclosure Vulnerability

CVE-2024-43646

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2025-21300

Windows upnphost.dll Denial of Service Vulnerability

CVE-2025-29969

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

CVE-2025-33068

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

CVE-2025-47955

Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

CVE-2025-29954

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

CVE-2024-43534

Windows Graphics Component Information Disclosure Vulnerability

CVE-2025-24063

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2025-29962

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

CVE-2025-33061

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2024-49107

WmsRepair Service Elevation of Privilege Vulnerability

CVE-2025-21352

Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-29840

Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

CVE-2025-29841

Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

CVE-2025-33050

Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.

CVE-2025-33075

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

CVE-2025-29964

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

CVE-2025-33060

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-21248

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21389

Windows upnphost.dll Denial of Service Vulnerability

CVE-2025-29967

Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

CVE-2025-32712

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVE-2025-33062

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-29842

Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.

CVE-2025-32725

Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.

CVE-2025-29833

Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally.