CVE-2025-33071

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.

CVE-2025-21205

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

CVE-2025-24073

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2025-26669

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-26673

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

CVE-2025-27737

Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.

CVE-2024-49073

Windows Mobile Broadband Driver Elevation of Privilege Vulnerability

CVE-2025-21224

Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

CVE-2025-21265

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21281

Microsoft COM for Windows Elevation of Privilege Vulnerability

CVE-2025-21320

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-24072

Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.

CVE-2025-27469

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

CVE-2025-48799

Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.

CVE-2025-21183

Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability

CVE-2025-21236

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21238

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21347

Windows Deployment Services Denial of Service Vulnerability

CVE-2025-24059

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-24987

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

CVE-2025-26649

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.

CVE-2025-26667

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-26687

Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-26688

Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.

CVE-2025-27729

Use after free in Windows Shell allows an unauthorized attacker to execute code locally.

CVE-2024-49108

Windows Remote Desktop Services Remote Code Execution Vulnerability

CVE-2025-21214

Windows BitLocker Information Disclosure Vulnerability

CVE-2025-21217

Windows NTLM Spoofing Vulnerability

CVE-2025-21239

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21240

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21256

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21266

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21269

Windows HTML Platforms Security Feature Bypass Vulnerability

CVE-2025-21299

Windows Kerberos Security Feature Bypass Vulnerability

CVE-2025-21305

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-24048

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.

CVE-2025-24069

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-24995

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

CVE-2024-43622

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2024-49090

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2025-21201

Windows Telephony Server Remote Code Execution Vulnerability

CVE-2025-21223

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21288

Windows COM Server Information Disclosure Vulnerability

CVE-2025-21289

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21314

Windows SmartScreen Spoofing Vulnerability

CVE-2025-21315

Microsoft Brokering File System Elevation of Privilege Vulnerability

CVE-2025-21378

Windows CSC Service Elevation of Privilege Vulnerability

CVE-2025-26641

Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.

CVE-2025-27467

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

CVE-2024-43621

Windows Telephony Service Remote Code Execution Vulnerability