CVE-2025-27737

Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.

CVE-2024-38149

BranchCache Denial of Service Vulnerability

CVE-2024-43506

BranchCache Denial of Service Vulnerability

CVE-2024-43516

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2024-43518

Windows Telephony Server Remote Code Execution Vulnerability

CVE-2024-43535

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-43556

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2025-21281

Microsoft COM for Windows Elevation of Privilege Vulnerability

CVE-2025-21320

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-27472

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.

CVE-2024-38256

Windows Kernel-Mode Driver Information Disclosure Vulnerability

CVE-2024-43515

Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability

CVE-2024-43645

Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability

CVE-2025-21214

Windows BitLocker Information Disclosure Vulnerability

CVE-2025-21223

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21236

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21238

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21243

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-24072

Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.

CVE-2025-26687

Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-26688

Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.

CVE-2025-47955

Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

CVE-2024-38239

Windows Kerberos Elevation of Privilege Vulnerability

CVE-2025-21217

Windows NTLM Spoofing Vulnerability

CVE-2025-21227

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21239

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21240

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21256

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21266

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21269

Windows HTML Platforms Security Feature Bypass Vulnerability

CVE-2025-21299

Windows Kerberos Security Feature Bypass Vulnerability

CVE-2025-21305

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21347

Windows Deployment Services Denial of Service Vulnerability

CVE-2025-24059

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-24987

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

CVE-2024-38238

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38247

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2024-38249

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2025-21277

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21288

Windows COM Server Information Disclosure Vulnerability

CVE-2025-21289

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21378

Windows CSC Service Elevation of Privilege Vulnerability

CVE-2025-24069

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

CVE-2025-24995

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-26641

Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.

CVE-2024-43547

Windows Kerberos Information Disclosure Vulnerability

CVE-2024-43622

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2024-49090

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2025-21201

Windows Telephony Server Remote Code Execution Vulnerability

CVE-2025-21246

Windows Telephony Service Remote Code Execution Vulnerability