Windows Server 2025@* Security Vulnerabilities and Issues — Page 5 of Windows Server 2025@* CVE List

8.8CVSS8AI score0.00083EPSS

CVE-2025-21221

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

CVE•added 2025/03/11 5:16 p.m.•85 views

CVE-2025-21247

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

4.3CVSS4.7AI score0.00167EPSS

CVE•added 2025/01/14 6:15 p.m.•85 views

CVE-2025-21292

Windows Search Service Elevation of Privilege Vulnerability

8.8CVSS8.8AI score0.00126EPSS

CVE•added 2025/01/14 6:15 p.m.•85 views

CVE-2025-21319

Windows Kernel Memory Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00092EPSS

CVE•added 2025/03/11 5:16 p.m.•85 views

CVE-2025-24992

Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.

5.5CVSS6.5AI score0.00104EPSS

6.5CVSS6.8AI score0.00074EPSS

CVE-2025-26672

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

5.9CVSS6.9AI score0.00056EPSS

CVE-2025-27471

Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.

7.5CVSS7AI score0.12218EPSS

CVE-2025-27473

Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

CVE•added 2025/04/08 6:16 p.m.•85 views

CVE-2025-27732

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00036EPSS

CVE•added 2025/04/08 6:16 p.m.•85 views

CVE-2025-27739

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00066EPSS

CVE•added 2025/04/08 6:16 p.m.•85 views

CVE-2025-29812

Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.0012EPSS

CVE•added 2024/12/12 2:4 a.m.•84 views

CVE-2024-49098

Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability

4.3CVSS4.5AI score0.00149EPSS

8.8CVSS9AI score0.00461EPSS

CVE-2025-21233

Windows Telephony Service Remote Code Execution Vulnerability

8.1CVSS8.3AI score0.0041EPSS

CVE-2025-21309

Windows Remote Desktop Services Remote Code Execution Vulnerability

5.5CVSS5.3AI score0.00158EPSS

CVE-2025-21316

Windows Kernel Memory Information Disclosure Vulnerability

7.8CVSS7.9AI score0.00266EPSS

CVE-2025-21338

GDI+ Remote Code Execution Vulnerability

CVE•added 2025/02/11 6:15 p.m.•84 views

CVE-2025-21371

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00675EPSS

CVE•added 2025/06/10 5:21 p.m.•84 views

CVE-2025-32710

Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

8.1CVSS8.5AI score0.0013EPSS

CVE•added 2024/11/12 6:15 p.m.•83 views

CVE-2024-43449

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00259EPSS

7.8CVSS7.1AI score0.001EPSS

CVE-2025-24062

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE•added 2025/03/11 5:16 p.m.•83 views

CVE-2025-24988

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

6.8CVSS6.2AI score0.00118EPSS

7CVSS7.5AI score0.00046EPSS

CVE-2025-26640

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

7.5CVSS7AI score0.12218EPSS

CVE-2025-26680

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.