CVE-2025-29974

Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.

CVE-2025-30394

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.

CVE-2025-33065

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-33052

Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.

CVE-2025-24991

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

CVE-2025-27736

Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.

CVE-2025-21274

Windows Event Tracing Denial of Service Vulnerability

CVE-2025-47160

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

CVE-2025-24068

Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-21318

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21340

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

CVE-2025-21242

Windows Kerberos Information Disclosure Vulnerability

CVE-2025-33059

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-26644

Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.

CVE-2025-27742

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally.

CVE-2025-21317

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21280

Windows Virtual Trusted Platform Module Denial of Service Vulnerability

CVE-2025-21225

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

CVE-2024-38264

Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability

CVE-2025-32720

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-21319

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-24992

Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.

CVE-2025-27471

Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.

CVE-2025-21316

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21320

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21374

Windows CSC Service Information Disclosure Vulnerability

CVE-2025-24069

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-21284

Windows Virtual Trusted Platform Module Denial of Service Vulnerability

CVE-2025-21323

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21336

Windows Cryptographic Information Disclosure Vulnerability

CVE-2025-21350

Windows Kerberos Denial of Service Vulnerability

CVE-2025-21321

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-29837

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.

CVE-2025-32722

Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.

CVE-2025-33055

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-21257

Windows WLAN AutoConfig Service Information Disclosure Vulnerability

CVE-2025-33061

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-33060

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-33062

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-24065

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-29829

Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.

CVE-2025-32719

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-33069

Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally.

CVE-2025-33063

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-33058

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-29956

Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.

CVE-2025-48823

Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.

CVE-2025-26636

Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.

CVE-2025-48810

Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally.

CVE-2025-48808

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.