Windows Server 2025 Security Vulnerabilities and Issues — Windows Server 2025 CVE List

Lucene search

MicrosoftWindows Server 2025

97 matches found

CVE•added 2023/05/09 6:15 p.m.•596 views

CVE-2023-24932

Secure Boot Security Feature Bypass Vulnerability

6.7CVSS6.9AI score0.00536EPSS

CVE•added 2024/11/12 6:15 p.m.•492 views

CVE-2024-38203

Windows Package Library Manager Information Disclosure Vulnerability

6.2CVSS5.8AI score0.00125EPSS

CVE•added 2025/03/11 5:16 p.m.•336 views

CVE-2025-24071

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.3AI score0.6231EPSS

CVE•added 2024/11/12 6:15 p.m.•310 views

CVE-2024-43451

NTLM Hash Disclosure Spoofing Vulnerability

6.5CVSS6.5AI score0.89087EPSS

CVE•added 2025/03/11 5:16 p.m.•234 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.5AI score0.38746EPSS

CVE•added 2025/01/14 6:15 p.m.•173 views

CVE-2025-21263

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00132EPSS

CVE•added 2025/01/14 6:15 p.m.•159 views

CVE-2025-21341

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00132EPSS

CVE•added 2024/12/12 2:4 a.m.•158 views

CVE-2024-49082

Windows File Explorer Information Disclosure Vulnerability

6.8CVSS6.4AI score0.0011EPSS

CVE•added 2025/01/14 6:15 p.m.•154 views

CVE-2025-21327

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00132EPSS

CVE•added 2025/01/14 6:15 p.m.•130 views

CVE-2025-21310

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2025/01/14 6:15 p.m.•128 views

CVE-2025-21211

Secure Boot Security Feature Bypass Vulnerability

6.8CVSS6.6AI score0.00155EPSS

CVE•added 2025/01/14 6:15 p.m.•128 views

CVE-2025-21260

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2025/02/11 6:15 p.m.•120 views

CVE-2025-21377

NTLM Hash Disclosure Spoofing Vulnerability

6.5CVSS7.4AI score0.03602EPSS

CVE•added 2024/12/12 2:4 a.m.•119 views

CVE-2024-49077

Windows Mobile Broadband Driver Elevation of Privilege Vulnerability

6.8CVSS6.6AI score0.00348EPSS

CVE•added 2024/12/12 2:4 a.m.•111 views

CVE-2024-49109

Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.0023EPSS

CVE•added 2024/11/12 6:15 p.m.•110 views

CVE-2024-43634

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00259EPSS

CVE•added 2024/12/12 2:4 a.m.•108 views

CVE-2024-49094

Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.0023EPSS

CVE•added 2024/11/12 6:15 p.m.•107 views

CVE-2024-43637

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00259EPSS

CVE•added 2025/04/08 6:15 p.m.•101 views

CVE-2025-26651

Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

6.5CVSS7.1AI score0.15589EPSS

CVE•added 2025/01/14 6:15 p.m.•99 views

CVE-2025-21226

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2025/02/11 6:15 p.m.•97 views

CVE-2025-21349

Windows Remote Desktop Configuration Service Tampering Vulnerability

6.8CVSS7.5AI score0.00066EPSS

CVE•added 2025/01/14 6:15 p.m.•96 views

CVE-2025-21324

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2025/02/11 6:15 p.m.•95 views

CVE-2025-21254

Internet Connection Sharing (ICS) Denial of Service Vulnerability

6.5CVSS7.3AI score0.00097EPSS

CVE•added 2025/01/14 6:15 p.m.•95 views

CVE-2025-21308

Windows Themes Spoofing Vulnerability

6.5CVSS6.5AI score0.00466EPSS

CVE•added 2025/01/14 6:15 p.m.•94 views

CVE-2025-21255

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2024/12/12 2:4 a.m.•93 views

CVE-2024-49083

Windows Mobile Broadband Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00293EPSS

CVE•added 2025/01/14 6:15 p.m.•91 views

CVE-2025-21261

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00132EPSS

CVE•added 2024/11/12 6:15 p.m.•88 views

CVE-2024-43638

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00259EPSS

CVE•added 2025/01/14 6:15 p.m.•88 views

CVE-2025-21229

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2025/01/14 6:15 p.m.•88 views

CVE-2025-21232

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2024/12/12 2:4 a.m.•86 views

CVE-2024-49092

Windows Mobile Broadband Driver Elevation of Privilege Vulnerability

6.8CVSS6.6AI score0.00227EPSS

CVE•added 2025/02/11 6:15 p.m.•85 views

CVE-2025-21216

Internet Connection Sharing (ICS) Denial of Service Vulnerability

6.5CVSS7.3AI score0.00097EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-26672

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00074EPSS

CVE•added 2024/11/12 6:15 p.m.•83 views

CVE-2024-43449

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00259EPSS

CVE•added 2025/03/11 5:16 p.m.•83 views

CVE-2025-24988

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

6.8CVSS6.2AI score0.00118EPSS

CVE•added 2025/02/11 6:15 p.m.•82 views

CVE-2025-21212

Internet Connection Sharing (ICS) Denial of Service Vulnerability

6.5CVSS7.3AI score0.00097EPSS

CVE•added 2025/01/14 6:15 p.m.•82 views

CVE-2025-21228

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2024/12/12 2:4 a.m.•81 views

CVE-2024-49101

Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.0023EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-21203

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00074EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-26664

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00074EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-26676

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00074EPSS

CVE•added 2025/04/08 6:15 p.m.•80 views

CVE-2025-21197

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

6.5CVSS6.7AI score0.00126EPSS

CVE•added 2025/01/14 6:15 p.m.•80 views

CVE-2025-21202

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

6.1CVSS6.3AI score0.00122EPSS

CVE•added 2025/01/14 6:15 p.m.•80 views

CVE-2025-21313

Windows Security Account Manager (SAM) Denial of Service Vulnerability

6.5CVSS6.4AI score0.00325EPSS

CVE•added 2025/04/08 6:15 p.m.•80 views

CVE-2025-26637

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.9AI score0.00113EPSS

CVE•added 2025/04/08 6:16 p.m.•80 views

CVE-2025-27738

Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.

6.5CVSS6.7AI score0.00126EPSS

CVE•added 2024/11/12 6:15 p.m.•79 views

CVE-2024-43643

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00259EPSS

CVE•added 2024/12/12 2:4 a.m.•79 views

CVE-2024-49081

Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00297EPSS

CVE•added 2025/03/11 5:16 p.m.•79 views

CVE-2025-24996

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.9AI score0.00238EPSS

CVE•added 2025/04/08 6:15 p.m.•79 views

CVE-2025-27474

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.9AI score0.00229EPSS

Total number of security vulnerabilities97