528 matches found
CVE-2025-21359
Windows Kernel Security Feature Bypass Vulnerability
CVE-2025-24046
Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
CVE-2025-26686
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
CVE-2025-27474
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-27735
Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
CVE-2025-27740
Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.
CVE-2025-21252
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21282
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21294
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-21296
BranchCache Remote Code Execution Vulnerability
CVE-2025-24044
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVE-2025-24050
Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.
CVE-2025-26666
Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.
CVE-2025-27477
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-29828
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.
CVE-2025-26674
Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.
CVE-2025-26679
Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally.
CVE-2025-29811
Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.
CVE-2025-21205
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-21265
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-24056
Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.
CVE-2025-24073
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2025-26669
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-26673
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
CVE-2025-27469
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
CVE-2025-27737
Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-33071
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
CVE-2025-21224
Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
CVE-2025-21281
Microsoft COM for Windows Elevation of Privilege Vulnerability
CVE-2025-21320
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-26667
Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-21183
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
CVE-2025-21214
Windows BitLocker Information Disclosure Vulnerability
CVE-2025-21223
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21236
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21238
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21243
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-24072
Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.
CVE-2025-26649
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
CVE-2025-26687
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-26688
Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.
CVE-2025-27729
Use after free in Windows Shell allows an unauthorized attacker to execute code locally.
CVE-2025-47955
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-21217
Windows NTLM Spoofing Vulnerability
CVE-2025-21227
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21239
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21240
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21256
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21266
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21269
Windows HTML Platforms Security Feature Bypass Vulnerability