Lucene search
K
MicrosoftWindows Server 2025

1314 matches found

CVE
CVE
added 2013/12/11 12:0 a.m.3238 views

CVE-2013-3900

CVE-2013-3900 describes a remote code execution in the WinVerifyTrust Authenticode verification for PE files. An attacker could modify a signed executable to execute code without invalidating the signature, potentially gaining full control of the system. Microsoft republished this CVE in the Secu...

8.8CVSS7.4AI score0.44647EPSS
In wildWeb
CVE
CVE
added 2025/01/14 6:4 p.m.1029 views

CVE-2025-21333

CVE-2025-21333 is a local elevation-of-privilege vulnerability in Windows Hyper‑V NT Kernel Integration VSP. The issue is a heap-based buffer overflow in the VSP component, enabling a local attacker with Low privilege and no user interaction to gain SYSTEM rights on the host. Public materials in ...

7.8CVSS7.7AI score0.09798EPSS
In wild
CVE
CVE
added 2025/01/14 6:3 p.m.963 views

CVE-2025-21298

CVE-2025-21298 is a Windows OLE use-after-free memory corruption vulnerability in ole32.dll (UtOlePresStmToContentsStm) that enables remote code execution via specially crafted RTF, including zero-click scenarios when previews are shown in Outlook. The issue arises from a double-free of the CONTE...

9.8CVSS9.8AI score0.80912EPSS
CVE
CVE
added 2025/04/08 5:23 p.m.747 views

CVE-2025-29824

CVE-2025-29824 is a Use-After-Free vulnerability in the Windows Common Log File System Driver (CLFS) kernel driver, caused by a race condition in W32PROCESS handling via WaitForInputIdle that enables local privilege escalation to SYSTEM. Microsoft patched this in April 2025 (KB5044284). Public ex...

7.8CVSS7.5AI score0.1806EPSS
In wild
CVE
CVE
added 2025/10/14 5:1 p.m.682 views

CVE-2025-59287

CVE-2025-59287 is a deserialization vulnerability in Windows Server Update Services (WSUS) that enables unauthenticated, remote code execution over the network via crafted data (notably SOAP requests to WSUS endpoints such as Client.asmx). Connected exploit analyses confirm the root cause as unsa...

9.8CVSS7AI score0.99962EPSS
In wildWeb
CVE
CVE
added 2025/09/09 5:1 p.m.580 views

CVE-2025-53799

CVE-2025-53799 affects the Windows Imaging Component. The vulnerability arises from use of an uninitialized resource in Imaging Component code, enabling local attackers to disclose information. The NCSC entry confirms the impact as Access to sensitive data with a CVSS-like rating around 5.5 (Medi...

5.5CVSS6.1AI score0.0073EPSS
CVE
CVE
added 2025/09/09 5:1 p.m.566 views

CVE-2025-53803

CVE-2025-53803 affects the Windows Kernel. Reported as: error message generation could disclose sensitive information to an authorized local attacker. According to the available connected sources, the vulnerability is categorized under Windows Kernel with a documented impact of accessing sensitiv...

5.5CVSS5.9AI score0.00606EPSS
CVE
CVE
added 2024/11/12 5:54 p.m.546 views

CVE-2024-38203

Technical details for CVE-2024-38203 are not publicly available in the supplied documents. No specifics on affected products, root cause, or remediation are provided here; monitor the feeds for updates from Microsoft and vulnerability trackers.

6.2CVSS5.8AI score0.00677EPSS
CVE
CVE
added 2024/12/10 5:49 p.m.506 views

CVE-2024-49138

Summary (CVE-2024-49138): A heap-based buffer overflow in the Windows Common Log File System Driver (CLFS.sys) enables local Elevation of Privilege on Windows 11/23h2 (and other supported builds). Public PoCs and exploits exist (GitHub PoC repos and exploits referenced in multiple sources), with ...

7.8CVSS7.5AI score0.25414EPSS
In wild
CVE
CVE
added 2025/02/11 5:58 p.m.500 views

CVE-2025-21391

CVE-2025-21391 (Windows Storage Elevation of Privilege) describes a local privilege escalation in Windows Storage. The vulnerability allows an attacker with low privileges and no user interaction to elevate to SYSTEM by exploiting a link-following flaw in Windows Storage (root cause described as ...

7.1CVSS7.7AI score0.02143EPSS
In wild
CVE
CVE
added 2025/11/11 5:59 p.m.493 views

CVE-2025-62215

CVE-2025-62215 is a Windows Kernel race condition that enables local privilege escalation to SYSTEM by exploiting a concurrency window over kernel object handles, causing a double-free. A PoC exploit repository demonstrates a multithreaded trigger and heap spraying to achieve token elevation. Pub...

7CVSS5.8AI score0.061EPSS
In wild
CVE
CVE
added 2025/10/14 5:1 p.m.492 views

CVE-2025-59230

CVE-2025-59230 describes an improper access control flaw in the Windows Remote Access Connection Manager (RasMan). The vulnerability allows an authenticated local user to elevate privileges to SYSTEM by manipulating RasMan’s IPC handling/ACLs, as reported in multiple sources. Exploitation activit...

7.8CVSS6.5AI score0.02615EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.475 views

CVE-2025-24071

CVE-2025-24071 affects Windows File Explorer via the .library-ms mechanism. When a user opens or extracts ZIP/RAR contents containing a crafted .library-ms, Explorer can trigger an SMB authentication to a remote server, leaking the user’s NTLM hash. No user interaction beyond extraction is requir...

6.5CVSS7.3AI score0.25068EPSS
CVE
CVE
added 2025/10/14 5:1 p.m.474 views

CVE-2025-55695

CVE-2025-55695 describes an out-of-bounds read vulnerability in the Windows WLAN Auto Config Service that enables an authorized local attacker to disclose information. The description in the initial document confirms the root cause (out-of-bounds read) and the impact (local information disclosure...

5.5CVSS6.1AI score0.00372EPSS
CVE
CVE
added 2025/10/14 5:1 p.m.474 views

CVE-2025-59184

CVE-2025-59184 is listed in CVE records as a storage spaces direct information disclosure vulnerability. Connected data links this CVE to Storage Spaces Direct in Windows High Availability Services, implying an information disclosure risk to an unauthorized (local) actor. The core concern shown i...

5.5CVSS6.1AI score0.00395EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.467 views

CVE-2025-59294

CVE-2025-59294 affects Windows Taskbar Live. The description indicates exposure of sensitive information to an unauthorized actor under physical access, enabling information disclosure. Connected documents provide limited details: the exact vulnerable component context and remediation are not spe...

4.6CVSS5.8AI score0.00573EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.462 views

CVE-2025-59211

CVE-2025-59211 concerns exposure of sensitive information to an unauthorized actor in Windows Push Notification Core, enabling an attacker with local access to disclose information. The initial entry identifies a local attack vector with a medium base score (CVSS 3.1: AV=L, AC=L, PR=L, UI=N, S=U,...

5.5CVSS6.1AI score0.00554EPSS
CVE
CVE
added 2025/11/11 5:59 p.m.461 views

CVE-2025-59513

Technical details about CVE-2025-59513 are not publicly available in the provided documents. Monitor for updates from Microsoft and the CVE entry for affected components, impact, and remediation.

5.5CVSS5AI score0.0044EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.451 views

CVE-2025-59204

CVE-2025-59204 concerns Windows Management Services and is triggered by use of an uninitialized resource, leading to local information disclosure. The impact is confidentiality loss with local attack vector (required local access, no user interaction). The connected documents confirm Windows secu...

5.5CVSS6.2AI score0.00468EPSS
CVE
CVE
added 2025/09/09 5:1 p.m.450 views

CVE-2025-54917

CVE-2025-54917 is a network-exploitable issue in Windows MapUrlToZone that enables circumvention of a security mechanism. The CVSS v3.1 base score is 4.3 (NETWORK, LOW attack complexity, NONE privileges, UI required) with a LOW confidentiality impact. The Connected documents indicate this CVE map...

4.3CVSS6.3AI score0.00842EPSS
CVE
CVE
added 2024/11/12 5:54 p.m.436 views

CVE-2024-49039

CVE-2024-49039 is a Windows Task Scheduler privilege-escalation vulnerability. An authenticated local attacker can elevate privileges outside of AppContainer and access privileged RPC functions via the Task Scheduler, enabling local privilege escalation with high impact (CVE-2024-49039). There ar...

8.8CVSS8.6AI score0.13719EPSS
In wild
CVE
CVE
added 2026/01/13 5:56 p.m.436 views

CVE-2026-20862

CVE-2026-20862 is a Windows Management Services information disclosure vulnerability. The description in the initial document states that it allows an authorized attacker to disclose sensitive information locally. The connected Nessus/NCSC/ENISA entries confirm this is a local-impact issue tied t...

5.5CVSS6.1AI score0.00614EPSS
CVE
CVE
added 2024/11/12 5:53 p.m.398 views

CVE-2024-43451

CVE-2024-43451 is a Windows NTLMv2 hash disclosure spoofing vulnerability. Affected: Windows; root cause: NTLM hash leakage occurs when the shell processes .URL shortcuts, triggering NTLM authentication over SMB to an attacker-controlled server. Impact: attackers can obtain NTLMv2 hashes and perf...

6.5CVSS6.5AI score0.81817EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.395 views

CVE-2025-26633

CVE-2025-26633 is a local-privilege-escalation in Microsoft Management Console (MMC) caused by improper neutralization in how MMC loads language-twin .msc files. A malicious “evil twin” .msc in a language directory can execute payloads with the user’s privileges when a user opens a legitimate MMC...

7CVSS6.8AI score0.31894EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.393 views

CVE-2025-33053

Summary of CVE-2025-33053 : A vulnerability in Windows WebDAV/Internet Shortcut handling allows remote code execution when a vulnerable host opens a crafted .url file that points to a WebDAV share. Exploitation relies on the WebClient service resolving UNC paths via WebDAV and may trigger arbitra...

8.8CVSS8.8AI score0.81558EPSS
In wildWeb
CVE
CVE
added 2025/06/10 5:2 p.m.390 views

CVE-2025-33073

CVE-2025-33073 is a network-accessible elevation of privilege in the Windows SMB Client caused by improper access control in the SMB protocol stack. The initial description confirms privilege escalation with network access. Connected documents provide concrete exploit presence: PoCs and proof‑of‑...

8.8CVSS8.7AI score0.64987EPSS
In wild
CVE
CVE
added 2025/05/13 4:58 p.m.386 views

CVE-2025-30394

Technical details for CVE-2025-30394 are not publicly provided in the supplied documents. The description notes a memory locking issue causing a network denial of service, but no vendor/version/impact/fix specifics are available here. Monitor for updates.

5.9CVSS5.7AI score0.20634EPSS
CVE
CVE
added 2025/05/13 4:59 p.m.385 views

CVE-2025-29974

Technical details about CVE-2025-29974 are not publicly provided in the supplied documents. Monitor for updates from Microsoft and other security bulletins to obtain confirmed affected products, scope, and remediation.

5.7CVSS5.6AI score0.00564EPSS
CVE
CVE
added 2024/12/10 5:49 p.m.377 views

CVE-2024-49112

CVE-2024-49112 affects Windows LDAP on Domain Controllers. Connected sources describe an integer-overflow flaw in the LDAP server that can allow unauthenticated remote code execution via crafted CLDAP/LDAP traffic, leading to arbitrary code execution and potential DoS. Exploitation may require lo...

9.8CVSS9.7AI score0.70906EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.374 views

CVE-2025-21337

CVE-2025-21337 is a Windows vulnerability categorized as an elevation of privileges (impact: obtaining elevated privileges) with a low base score (CVSS v3.1: 3.3) and local attack vector. The connected advisory from NCSC-2025-0047 aligns this CVE to a Windows component issue with a CVSS ~3.3 and ...

3.3CVSS6AI score0.00548EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.373 views

CVE-2025-21420

CVE-2025-21420 is evidenced by PoCs showing a Disk Cleanup Tool (cleanmgr.exe) elevation via a DLL sideload approach. The GitHub PoCs demonstrate loading dokan1.dll/dokannp1.dll to trigger arbitrary code paths, with the exploit chain listing SetProcessMitigationPolicy (ProcessRedirectionTrustPoli...

7.8CVSS8.1AI score0.03415EPSS
Web
CVE
CVE
added 2026/05/12 4:58 p.m.367 views

CVE-2026-41089

CVE-2026-41089 is a Windows Netlogon RCE via a stack-based buffer overflow in CLDAP handling. Affected: Windows Server 2012 through 2025 domain controllers. Mechanism (per provided PoCs): unauthenticated remote is possible by sending crafted CLDAP UDP packets; a 528-byte stack buffer overflow occ...

9.8CVSS6.1AI score0.72253EPSS
In wild
CVE
CVE
added 2026/01/13 5:56 p.m.361 views

CVE-2026-0386

CVE-2026-0386 : Windows Deployment Services has an improper access control vulnerability that can allow an adjacent-network attacker to execute code remotely. This entry is supported by multiple sources confirming the issue and indicating Microsoft has released January 2026 security updates to ad...

7.5CVSS7AI score0.00525EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.359 views

CVE-2026-44815

CVE-2026-44815 is a stack-based buffer overflow in the Windows DHCP Client that enables remote code execution over the network. Affected component: Windows DHCP Client; root cause is a stack-based overflow. Consequences are remote code execution with high impact, as indicated by the CVSS vector (...

9.8CVSS6AI score0.011EPSS
CVE
CVE
added 2026/01/13 5:56 p.m.357 views

CVE-2026-20962

CVE-2026-20962 is described as a local-information-disclosure vulnerability in the Dynamic Root of Trust for Measurement (DRTM) mechanism. The initial and connected sources indicate an issue arising from use of an uninitialized resource, allowing an authorized attacker with local access to disclo...

4.4CVSS6.2AI score0.00399EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.350 views

CVE-2025-21189

CVE-2025-21189 is listed as MapUrlToZone Security Feature Bypass. Connected sources categorize its impact as circumvention of a security measure. Public technical detail in the provided documents is limited; no explicit root-cause, vulnerable product/version, or exploitation information is given....

4.3CVSS4.6AI score0.02864EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.342 views

CVE-2025-21418

CVE-2025-21418 is a heap-based buffer overflow in the Windows Ancillary Function Driver for WinSock that enables local privilege escalation to SYSTEM. Affected: Windows components exposed to local attack surface; exploitability is local with low attack complexity and no user interaction. Public r...

7.8CVSS8.2AI score0.01459EPSS
In wild
CVE
CVE
added 2026/02/10 5:51 p.m.341 views

CVE-2026-21510

CVE-2026-21510 is a Windows Shell security feature bypass vulnerability (Protection Mechanism Failure) that can allow remote code execution by bypassing SmartScreen prompts and shell warnings. Affected component: Windows Shell (explorer.exe) and related UI elements. Exploitation requires social e...

8.8CVSS5.5AI score0.25835EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.336 views

CVE-2025-24054

CVE-2025-24054 is a Windows NTLM vulnerability allowing an attacker to induce NTLMv2-SSP hash disclosure by leveraging explorer.exe to fetch remote SMB resources via crafted file types (notably .library-ms and .lnk/.library-ms payloads). Public PoCs and exploits demonstrate creating malicious .li...

6.5CVSS6.5AI score0.58974EPSS
In wild
CVE
CVE
added 2025/01/14 6:4 p.m.328 views

CVE-2025-21335

CVE-2025-21335 is part of the Windows Hyper-V NT Kernel Integration VSP elevation-of-privilege family. Connected sources confirm three related CVEs: CVE-2025-21333 (heap-based buffer overflow), CVE-2025-21334 (use-after-free), and CVE-2025-21335 (use-after-free). The vulnerability affects the hos...

7.8CVSS7.7AI score0.01363EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.325 views

CVE-2025-33052

CVE-2025-33052 is a local-information-disclosure in the Windows DWM Core Library caused by use of an uninitialized resource. In NVD, it’s rated CVSSv3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N; impact: confidentiality High. The Connected docs confirm affected component (Windows DWM Core Library) and...

5.5CVSS5.3AI score0.00534EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.324 views

CVE-2025-21334

CVE-2025-21334 concerns Windows Hyper-V NT Kernel Integration VSP with a Use-After-Free vulnerability. The connected documents indicate this family (CVE-21333/21334/21335) involves host–VM communications, yields Elevation of Privilege on the host via local access, and is part of a trio with CVE-2...

7.8CVSS7.7AI score0.0153EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.323 views

CVE-2025-33065

CVE-2025-33065 is an information-disclosure vulnerability: an out-of-bounds read in Windows Storage Management Provider could allow an authorized attacker (local access, low privileges) to disclose information. CVSS v3.1 base metrics indicate Local access, Low attack complexity, Privileges requir...

5.5CVSS5.2AI score0.00529EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.314 views

CVE-2026-45657

CVE-2026-45657 is a use-after-free in the Windows Kernel that enables a remote attacker to execute code over a network without user interaction. The formal CVSSv3.1 base score is 9.8 (CRITICAL), with network attack vector, low attack complexity, no privileges required, and high impact to confiden...

9.8CVSS5.7AI score0.15478EPSS
CVE
CVE
added 2026/02/10 5:51 p.m.289 views

CVE-2026-21533

CVE-2026-21533 affects Windows Remote Desktop Services (RDS) and is caused by improper privilege management (CWE-269), allowing a local authenticated attacker with low privileges to elevate to SYSTEM. Multiple connected sources corroborate that the issue is a local EoP in RDS with CVSSv3 7.8 (HIG...

7.8CVSS5.5AI score0.03846EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.287 views

CVE-2025-24985

CVE-2025-24985 affects the Windows Fast FAT File System Driver and is caused by an integer overflow/wraparound, enabling local code execution. The vulnerability has seen exploitation in the wild (per Krebs/Microsoft Patch Tuesday coverage), and mitigation is to install the MSRC-released updates l...

7.8CVSS7.8AI score0.03705EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.282 views

CVE-2025-24993

CVE-2025-24993 is a Windows NTFS heap-based buffer overflow that allows a locally authenticated attacker to execute arbitrary code. Affected component is NTFS on Windows; root cause is a heap-based overflow in NTFS handling. CVSS v3.1 indicates local attack vector, no privileges required, user in...

7.8CVSS8AI score0.02092EPSS
In wild
CVE
CVE
added 2025/01/14 6:3 p.m.272 views

CVE-2025-21293

CVE-2025-21293 — Active Directory Domain Services Elevation of Privilege. The vulnerability affects Active Directory Domain Services and enables an attacker to obtain elevated privileges via network access, with a CVSS v3.1 base score of 8.8 (High) and impact on confidentiality, integrity, and av...

8.8CVSS8.8AI score0.18185EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.270 views

CVE-2025-21181

Technical details (affected products/versions, root cause, exploitability, fixes) for CVE-2025-21181 are not provided in the supplied documents. Please monitor official advisories for concrete technical information.

7.5CVSS7.8AI score0.03093EPSS
CVE
CVE
added 2025/03/11 4:59 p.m.265 views

CVE-2025-24984

CVE-2025-24984 is an NTFS information-disclosure vulnerability in Windows NTFS caused by insertion of sensitive data into a log file, potentially leaking heap memory when a physical medium is mounted or accessed. CVSS v3.1 vector: AV=Physical/AC=L/PR=None/UI=None/S=Unchanged/C=High/I=None/A=None;...

4.6CVSS6.1AI score0.01831EPSS
In wild
Total number of security vulnerabilities1314