microsoft windows 11 22h2

500 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-64680
< 10.0.22621.6060
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-64679
< 10.0.22621.6060
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-62209
< 10.0.22621.6060
Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information
5.5 MEDIUM
CVE-2025-62208
< 10.0.22621.6060
Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information
5.5 MEDIUM
CVE-2025-59502
< 10.0.22621.5909
Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network.
7.5 HIGH
CVE-2025-59295
< 10.0.22621.6060
Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-59294
< 10.0.22621.6060
Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose inf
2.1 LOW
CVE-2025-59290
< 10.0.22621.5909
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-59289
< 10.0.22621.5909
Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-59284
< 10.0.22621.6060
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing loc
3.3 LOW
CVE-2025-59282
<= 10.0.22621.6060
Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unautho
7.0 HIGH
CVE-2025-59280
< 10.0.22621.6060
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network.
3.1 LOW
CVE-2025-59278
< 10.0.22621.6060
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileg
7.8 HIGH
CVE-2025-59277
< 10.0.22621.6060
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileg
7.8 HIGH
CVE-2025-59275
< 10.0.22621.6060
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileg
7.8 HIGH
CVE-2025-59261
< 10.0.22621.6060
Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privile
7.0 HIGH
CVE-2025-59259
< 10.0.22621.6060
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny servic
6.5 MEDIUM
CVE-2025-59255
< 10.0.22621.6060
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-59254
< 10.0.22621.6060
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-59253
< 10.0.22621.6060
Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.
5.5 MEDIUM
CVE-2025-59244
< 10.0.22621.6060
External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.
6.5 MEDIUM
CVE-2025-59242
< 10.0.22621.6060
Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges lo
7.8 HIGH
CVE-2025-59230
< 10.0.22621.6060
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-59214
< 10.0.22621.6060
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spo
6.5 MEDIUM
CVE-2025-59211
< 10.0.22621.6060
Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disc
5.5 MEDIUM
CVE-2025-59209
< 10.0.22621.6060
Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disc
5.5 MEDIUM
CVE-2025-59208
< 10.0.22621.6060
Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network.
7.1 HIGH
CVE-2025-59207
< 10.0.22621.6060
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-59205
< 10.0.22621.6060
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows
7.0 HIGH
CVE-2025-59204
< 10.0.22621.6060
Use of uninitialized resource in Windows Management Services allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-59203
< 10.0.22621.6060
Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose informat
5.5 MEDIUM
CVE-2025-59202
< 10.0.22621.6060
Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-59201
< 10.0.22621.6060
Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-59200
< 10.0.22621.6060
Concurrent execution using shared resource with improper synchronization ('race condition') in Data Sharing Service Client allows
7.7 HIGH
CVE-2025-59199
< 10.0.22621.6060
Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-59198
< 10.0.22621.6060
Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.
5.0 MEDIUM
CVE-2025-59197
< 10.0.22621.6060
Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information loca
5.5 MEDIUM
CVE-2025-59196
< 10.0.22621.6060
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an auth
7.0 HIGH
CVE-2025-59195
< 10.0.22621.6060
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows
7.0 HIGH
CVE-2025-59194
< 10.0.22621.6060
Use of uninitialized resource in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-59193
< 10.0.22621.6060
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows
7.0 HIGH
CVE-2025-59192
< 10.0.22621.6060
Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-59191
< 10.0.22621.6060
Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges loca
7.8 HIGH
CVE-2025-59190
< 10.0.22621.6060
Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker to deny service locally.
5.5 MEDIUM
CVE-2025-59187
< 10.0.22621.6060
Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-59185
< 10.0.22621.6060
External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.
6.5 MEDIUM
CVE-2025-58739
< 10.0.22621.6060
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spo
6.5 MEDIUM
CVE-2025-58738
< 10.0.22621.6060
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
7.0 HIGH
CVE-2025-58736
< 10.0.22621.6060
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
7.0 HIGH
CVE-2025-58735
< 10.0.22621.6060
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
7.0 HIGH
CVE-2025-58734
< 10.0.22621.6060
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
7.0 HIGH
CVE-2025-58733
< 10.0.22621.6060
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
7.0 HIGH
CVE-2025-58732
< 10.0.22621.6060
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
7.0 HIGH
CVE-2025-58731
< 10.0.22621.6060
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
7.0 HIGH
CVE-2025-58730
< 10.0.22621.6060
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
7.0 HIGH
CVE-2025-58729
< 10.0.22621.6060
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny servic
6.5 MEDIUM
CVE-2025-58728
< 10.0.22621.6060
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-58727
< 10.0.22621.6060
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform
7.0 HIGH
CVE-2025-58726
< 10.0.22621.6060
Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
7.5 HIGH
CVE-2025-58725
< 10.0.22621.6060
Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-58722
< 10.0.22621.6060
Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-58720
< 10.0.22621.6060
Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to di
7.8 HIGH
CVE-2025-58719
< 10.0.22621.6060
Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.
4.7 MEDIUM
CVE-2025-58718
< 10.0.22621.6060
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-58717
< 10.0.22621.6060
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove
6.5 MEDIUM
CVE-2025-58716
< 10.0.22621.6060
Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
8.8 HIGH
CVE-2025-58715
< 10.0.22621.6060
Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
8.8 HIGH
CVE-2025-58714
< 10.0.22621.6060
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges local
7.8 HIGH
CVE-2025-55701
< 10.0.22621.6060
Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-55700
< 10.0.22621.6060
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove
6.5 MEDIUM
CVE-2025-55699
< 10.0.22621.6060
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information
5.5 MEDIUM
CVE-2025-55696
< 10.0.22621.6060
Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to
7.8 HIGH
CVE-2025-55695
< 10.0.22621.6060
Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-55692
< 10.0.22621.6060
Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-55689
< 10.0.22621.6060
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-55687
< 10.0.22621.6060
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS
7.4 HIGH
CVE-2025-55685
< 10.0.22621.6060
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-55681
< 10.0.22621.6060
Out-of-bounds read in Windows DWM allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-55680
< 10.0.22621.6060
Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to eleva
7.8 HIGH
CVE-2025-55679
< 10.0.22621.6060
Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally.
5.1 MEDIUM
CVE-2025-55678
< 10.0.22621.6060
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-55340
< 10.0.22621.6060
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
7.0 HIGH
CVE-2025-55339
< 10.0.22621.6060
Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-55338
< 10.0.22621.6060
Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physica
6.1 MEDIUM
CVE-2025-55336
< 10.0.22621.6060
Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker
5.5 MEDIUM
CVE-2025-55335
< 10.0.22621.6060
Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
7.4 HIGH
CVE-2025-55334
< 10.0.22621.6060
Cleartext storage of sensitive information in Windows Kernel allows an unauthorized attacker to bypass a security feature locally.
6.2 MEDIUM
CVE-2025-55333
< 10.0.22621.6060
Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with
6.1 MEDIUM
CVE-2025-55332
< 10.0.22621.6060
Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with
6.1 MEDIUM
CVE-2025-55331
< 10.0.22621.6060
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-55330
< 10.0.22621.6060
Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with
6.1 MEDIUM
CVE-2025-55328
< 10.0.22621.6060
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorize
7.8 HIGH
CVE-2025-55326
< 10.0.22621.6060
Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to execute code over a network.
7.5 HIGH
CVE-2025-55325
< 10.0.22621.6060
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-53768
< 10.0.22621.6060
Use after free in Xbox allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-53717
< 10.0.22621.6060
Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security (VBS) Enclave allows an authorized at
7.0 HIGH
CVE-2025-53150
< 10.0.22621.6060
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-53139
< 10.0.22621.6060
Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature loca
7.7 HIGH
CVE-2025-50175
< 10.0.22621.6060
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-50152
< 10.0.22621.6060
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49708
< 10.0.22621.6060
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network.
9.9 CRITICAL
CVE-2025-48813
< 10.0.22621.6060
Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally.
6.3 MEDIUM
CVE-2025-48004
< 10.0.22621.6060
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
7.4 HIGH
CVE-2025-25004
< 10.0.22621.6060
Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.
7.3 HIGH
CVE-2025-24990
< 10.0.22621.6060
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating s
7.8 HIGH
CVE-2025-24052
< 10.0.22621.6060
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating s
7.8 HIGH
CVE-2025-59220
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth Service allows an
7.0 HIGH
CVE-2025-55236
< 10.0.22621.5909
Time-of-check time-of-use (toctou) race condition in Graphics Kernel allows an authorized attacker to execute code locally.
7.3 HIGH
CVE-2025-55234
< 10.0.22621.5909
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vuln
8.8 HIGH
CVE-2025-55228
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut
7.8 HIGH
CVE-2025-55226
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorize
6.7 MEDIUM
CVE-2025-55224
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut
7.8 HIGH
CVE-2025-55223
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorize
7.0 HIGH
CVE-2025-54919
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut
7.5 HIGH
CVE-2025-54918
< 10.0.22621.5909
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
8.8 HIGH
CVE-2025-54917
< 10.0.22621.5909
Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
4.3 MEDIUM
CVE-2025-54916
< 10.0.22621.5909
Stack-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.
7.8 HIGH
CVE-2025-54915
< 10.0.22621.5909
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t
6.7 MEDIUM
CVE-2025-54913
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows UI XAML Maps MapControlSett
7.8 HIGH
CVE-2025-54912
< 10.0.22621.5909
Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-54911
< 10.0.22621.5909
Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.
7.3 HIGH
CVE-2025-54895
< 10.0.22621.5909
Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-54894
< 10.0.22621.5909
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
7.8 HIGH
CVE-2025-54116
< 10.0.22621.5909
Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally.
7.3 HIGH
CVE-2025-54115
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorize
7.0 HIGH
CVE-2025-54114
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform
7.0 HIGH
CVE-2025-54112
< 10.0.22621.5909
Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-54111
< 10.0.22621.5909
Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-54110
< 10.0.22621.5909
Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.
8.8 HIGH
CVE-2025-54109
< 10.0.22621.5909
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t
6.7 MEDIUM
CVE-2025-54107
< 10.0.22621.5909
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over
4.3 MEDIUM
CVE-2025-54104
< 10.0.22621.5909
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t
6.7 MEDIUM
CVE-2025-54103
< 10.0.22621.5909
Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally.
7.4 HIGH
CVE-2025-54102
< 10.0.22621.5909
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-54101
< 10.0.22621.5909
Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network.
4.8 MEDIUM
CVE-2025-54099
< 10.0.22621.5909
Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges l
7.0 HIGH
CVE-2025-54098
< 10.0.22621.5909
Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-54094
< 10.0.22621.5909
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t
6.7 MEDIUM
CVE-2025-54093
< 10.0.22621.5909
Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-54092
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorize
7.8 HIGH
CVE-2025-54091
< 10.0.22621.5909
Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-53810
< 10.0.22621.5909
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t
6.7 MEDIUM
CVE-2025-53808
< 10.0.22621.5909
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t
6.7 MEDIUM
CVE-2025-53807
< 10.0.22621.5909
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows
7.0 HIGH
CVE-2025-53805
< 10.0.22621.5909
Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.
7.5 HIGH
CVE-2025-53804
< 10.0.22621.5909
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information
5.5 MEDIUM
CVE-2025-53803
< 10.0.22621.5909
Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose informati
5.5 MEDIUM
CVE-2025-53802
< 10.0.22621.5909
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-53801
< 10.0.22621.5909
Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-53800
< 10.0.22621.5909
No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-53799
< 10.0.22621.5909
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-49734
< 10.0.22621.5909
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate
7.0 HIGH
CVE-2025-55230
< 10.0.22621.5624
Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-55229
< 10.0.22621.5335
Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over
5.3 MEDIUM
CVE-2025-53789
< 10.0.22621.5624
Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges lo
7.8 HIGH
CVE-2025-53778
< 10.0.22621.5768
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
8.8 HIGH
CVE-2025-53766
< 10.0.22621.5768
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
9.8 CRITICAL
CVE-2025-53726
< 10.0.22621.5768
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to eleva
7.8 HIGH
CVE-2025-53725
< 10.0.22621.5768
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to eleva
7.8 HIGH
CVE-2025-53724
< 10.0.22621.5768
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to eleva
7.8 HIGH
CVE-2025-53723
< 10.0.22621.5768
Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-53722
< 10.0.22621.5768
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a networ
7.5 HIGH
CVE-2025-53721
< 10.0.22621.5768
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-53718
< 10.0.22621.5768
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-53716
< 10.0.22621.5768
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny servi
6.5 MEDIUM
CVE-2025-53155
< 10.0.22621.5768
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-53154
< 10.0.22621.5768
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loca
7.8 HIGH
CVE-2025-53152
< 10.0.22621.5768
Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally.
7.8 HIGH
CVE-2025-53151
< 10.0.22621.5768
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-53149
< 10.0.22621.5768
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locall
7.8 HIGH
CVE-2025-53147
< 10.0.22621.5768
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-53145
< 10.0.22621.5768
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute
8.8 HIGH
CVE-2025-53144
< 10.0.22621.5768
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute
8.8 HIGH
CVE-2025-53143
< 10.0.22621.5768
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute
8.8 HIGH
CVE-2025-53142
< 10.0.22621.5768
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-53141
< 10.0.22621.5768
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loca
7.8 HIGH
CVE-2025-53140
< 10.0.22621.5768
Use after free in Kernel Transaction Manager allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-53137
< 10.0.22621.5768
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-53136
< 10.0.22621.5768
Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose infor
5.5 MEDIUM
CVE-2025-53135
< 10.0.22621.5768
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorize
7.0 HIGH
CVE-2025-53134
< 10.0.22621.5768
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver f
7.0 HIGH
CVE-2025-53132
< 10.0.22621.5768
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut
7.8 HIGH
CVE-2025-53131
< 10.0.22621.5768
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-50177
< 10.0.22621.5768
Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network.
8.1 HIGH
CVE-2025-50176
< 10.0.22621.5768
Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code loc
7.8 HIGH
CVE-2025-50173
< 10.0.22621.5768
Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-50172
< 10.0.22621.5768
Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a netwo
6.5 MEDIUM
CVE-2025-50170
< 10.0.22621.5768
Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacke
7.8 HIGH
CVE-2025-50168
< 10.0.22621.5768
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate p
7.8 HIGH
CVE-2025-50167
< 10.0.22621.5768
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorize
7.0 HIGH
CVE-2025-50166
< 10.0.22621.5768
Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose informatio
6.5 MEDIUM
CVE-2025-50161
< 10.0.22621.5768
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
7.3 HIGH
CVE-2025-50159
< 10.0.22621.5768
Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally.
7.3 HIGH
CVE-2025-50158
< 10.0.22621.5768
Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally.
7.0 HIGH
CVE-2025-50155
< 10.0.22621.5768
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to eleva
7.8 HIGH
CVE-2025-50154
< 10.0.22621.5768
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spo
6.5 MEDIUM
CVE-2025-50153
< 10.0.22621.5768
Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49762
< 10.0.22621.5768
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver f
7.0 HIGH
CVE-2025-49761
< 10.0.22621.5768
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49751
< 10.0.22621.5768
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
6.8 MEDIUM
CVE-2025-49743
< 10.0.22621.5768
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows
6.7 MEDIUM
CVE-2025-48807
< 10.0.22621.5624
Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute co
6.7 MEDIUM
CVE-2025-49760
< 10.0.22621.5624
External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.
3.5 LOW
CVE-2025-49744
< 10.0.22621.5624
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-49742
< 10.0.22621.5624
Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.
7.8 HIGH
CVE-2025-49740
< 10.0.22621.5624
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.
8.8 HIGH
CVE-2025-49733
< 10.0.22621.5624
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49732
< 10.0.22621.5624
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49730
< 10.0.22621.5624
Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate priv
7.8 HIGH
CVE-2025-49727
< 10.0.22621.5624
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-49726
< 10.0.22621.5624
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49725
< 10.0.22621.5624
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49724
< 10.0.22621.5624
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-49723
< 10.0.22621.5624
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.
8.8 HIGH
CVE-2025-49722
< 10.0.22621.5624
Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjace
5.7 MEDIUM
CVE-2025-49721
< 10.0.22621.5624
Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49693
< 10.0.22621.5624
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49691
< 10.0.22621.5624
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.
8.0 HIGH
CVE-2025-49690
< 10.0.22621.5624
Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Servic
7.4 HIGH
CVE-2025-49689
< 10.0.22621.5624
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49687
< 10.0.22621.5624
Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.
8.8 HIGH
CVE-2025-49686
< 10.0.22621.5624
Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49685
< 10.0.22621.5624
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-49684
< 10.0.22621.5624
Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-49683
< 10.0.22621.5624
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.
7.8 HIGH
CVE-2025-49682
< 10.0.22621.5624
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
7.3 HIGH
CVE-2025-49680
< 10.0.22621.5624
Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to de
7.3 HIGH
CVE-2025-49679
< 10.0.22621.5624
Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49678
< 10.0.22621.5624
Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-49677
< 10.0.22621.5624
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-49675
< 10.0.22621.5624
Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49667
< 10.0.22621.5624
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49665
< 10.0.22621.5624
Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authoriz
7.8 HIGH
CVE-2025-49664
< 10.0.22621.5624
Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacke
5.5 MEDIUM
CVE-2025-49661
< 10.0.22621.5624
Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges
7.8 HIGH
CVE-2025-49660
< 10.0.22621.5624
Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49659
< 10.0.22621.5624
Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-49658
< 10.0.22621.5624
Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-48823
< 10.0.22621.5624
Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.
5.9 MEDIUM
CVE-2025-48822
< 10.0.22621.5624
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
8.6 HIGH
CVE-2025-48821
< 10.0.22621.5624
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an a
7.1 HIGH
CVE-2025-48820
< 10.0.22621.5624
Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to
7.8 HIGH
CVE-2025-48819
< 10.0.22621.5624
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized atta
7.1 HIGH
CVE-2025-48818
< 10.0.22621.5624
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security featur
6.8 MEDIUM
CVE-2025-48817
< 10.0.22621.5624
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-48816
< 10.0.22621.5624
Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-48815
< 10.0.22621.5624
Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate pri
7.8 HIGH
CVE-2025-48814
< 10.0.22621.5624
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass
7.5 HIGH
CVE-2025-48811
< 10.0.22621.5624
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevat
6.7 MEDIUM
CVE-2025-48808
< 10.0.22621.5624
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information
5.5 MEDIUM
CVE-2025-48806
< 10.0.22621.5624
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
7.8 HIGH
CVE-2025-48805
< 10.0.22621.5624
Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
7.8 HIGH
CVE-2025-48804
< 10.0.22621.5624
Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a securit
6.8 MEDIUM
CVE-2025-48803
< 10.0.22621.5624
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevat
6.7 MEDIUM
CVE-2025-48802
< 10.0.22621.5624
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.
6.5 MEDIUM
CVE-2025-48800
< 10.0.22621.5624
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical att
6.8 MEDIUM
CVE-2025-48799
< 10.0.22621.5624
Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate
7.8 HIGH
CVE-2025-48003
< 10.0.22621.5624
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical att
6.8 MEDIUM
CVE-2025-48001
< 10.0.22621.5624
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security featur
6.8 MEDIUM
CVE-2025-48000
< 10.0.22621.5624
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-47999
< 10.0.22621.5624
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
6.8 MEDIUM
CVE-2025-47996
< 10.0.22621.5624
Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally
7.8 HIGH
CVE-2025-47991
< 10.0.22621.5624
Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-47987
< 10.0.22621.5624
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-47986
< 10.0.22621.5624
Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
8.8 HIGH
CVE-2025-47985
< 10.0.22621.5624
Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-47984
< 10.0.22621.5624
Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.
7.5 HIGH
CVE-2025-47982
< 10.0.22621.5624
Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-47981
< 10.0.22621.5624
Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
9.8 CRITICAL
CVE-2025-47980
< 10.0.22621.5624
Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclos
6.2 MEDIUM
CVE-2025-47976
< 10.0.22621.5624
Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-47975
< 10.0.22621.5624
Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-47973
< 10.0.22621.5624
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-47972
< 10.0.22621.5624
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME)
8.0 HIGH
CVE-2025-47971
< 10.0.22621.5624
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-47159
< 10.0.22621.5624
Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privi
7.8 HIGH
CVE-2025-33054
< 10.0.22621.5624
Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over
8.1 HIGH
CVE-2025-47969
< 10.0.22621.5335
Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information
4.4 MEDIUM
CVE-2025-47955
< 10.0.22621.5335
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges loca
7.8 HIGH
CVE-2025-47160
< 10.0.22621.5472
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
5.4 MEDIUM
CVE-2025-33075
< 10.0.22621.5472
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privi
7.8 HIGH
CVE-2025-33073
< 10.0.22621.5472
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
8.8 HIGH
CVE-2025-33070
< 10.0.22621.5472
Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.
8.1 HIGH
CVE-2025-33067
< 10.0.22621.5472
Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
8.4 HIGH
CVE-2025-33066
< 10.0.22621.5472
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove
8.8 HIGH
CVE-2025-33065
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-33064
< 10.0.22621.5472
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over
8.8 HIGH
CVE-2025-33063
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-33062
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-33061
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-33060
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-33059
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-33058
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-33057
< 10.0.22621.5472
Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.
6.5 MEDIUM
CVE-2025-33056
< 10.0.22621.5472
Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over
7.5 HIGH
CVE-2025-33055
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-33053
< 10.0.22621.5472
External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-33052
< 10.0.22621.5472
Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-32724
< 10.0.22621.5472
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to
7.5 HIGH
CVE-2025-32722
< 10.0.22621.5472
Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-32721
< 10.0.22621.5472
Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate
7.3 HIGH
CVE-2025-32720
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-32719
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-32718
< 10.0.22621.5472
Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-32716
< 10.0.22621.5472
Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-32715
< 10.0.22621.5472
Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.
6.5 MEDIUM
CVE-2025-32714
< 10.0.22621.5472
Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-32713
< 10.0.22621.5472
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-32712
< 10.0.22621.5472
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-29828
< 10.0.22621.5472
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute co
8.1 HIGH
CVE-2025-24069
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-24068
< 10.0.22621.5472
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-24065
< 10.0.22621.5472
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-47827
< 10.0.22621.6060
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signatu
4.6 MEDIUM
CVE-2025-32709
< 10.0.22621.5335
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loca
7.8 HIGH
CVE-2025-32706
< 10.0.22621.5335
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-32701
< 10.0.22621.5335
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-30400
< 10.0.22621.5335
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-30397
< 10.0.22621.5335
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to exe
7.5 HIGH
CVE-2025-30388
< 10.0.22621.5335
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
7.8 HIGH
CVE-2025-30385
< 10.0.22621.5335
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-29974
< 10.0.22621.5335
Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent
5.7 MEDIUM
CVE-2025-29971
< 10.0.22621.5335
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.
7.5 HIGH
CVE-2025-29969
< 10.0.22621.5335
Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a net
7.5 HIGH
CVE-2025-29967
< 10.0.22621.5335
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-29966
< 10.0.22621.5335
Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-29964
< 10.0.22621.5335
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-29963
< 10.0.22621.5335
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-29962
< 10.0.22621.5335
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-29961
< 10.0.22621.5335
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove
6.5 MEDIUM
CVE-2025-29960
< 10.0.22621.5335
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove
6.5 MEDIUM
CVE-2025-29959
< 10.0.22621.5335
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose info
6.5 MEDIUM
CVE-2025-29958
< 10.0.22621.5335
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose info
6.5 MEDIUM
CVE-2025-29957
< 10.0.22621.5335
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.
6.2 MEDIUM
CVE-2025-29956
< 10.0.22621.5335
Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.
5.4 MEDIUM
CVE-2025-29954
< 10.0.22621.5335
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny
5.9 MEDIUM
CVE-2025-29842
< 10.0.22621.5335
Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature o
7.5 HIGH
CVE-2025-29841
< 10.0.22621.5335
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service
7.0 HIGH
CVE-2025-29840
< 10.0.22621.5335
Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-29839
< 10.0.22621.5335
Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.
4.0 MEDIUM
CVE-2025-29837
< 10.0.22621.5335
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose info
5.5 MEDIUM
CVE-2025-29836
< 10.0.22621.5335
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove
6.5 MEDIUM
CVE-2025-29835
< 10.0.22621.5335
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove
6.5 MEDIUM
CVE-2025-29833
< 10.0.22621.5335
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code l
7.7 HIGH
CVE-2025-29832
< 10.0.22621.5335
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove
6.5 MEDIUM
CVE-2025-29830
< 10.0.22621.5335
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose info
6.5 MEDIUM
CVE-2025-29829
< 10.0.22621.5335
Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information lo
5.5 MEDIUM
CVE-2025-27468
< 10.0.22621.5335
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-24063
< 10.0.22621.5335
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-29824
< 10.0.22621.5189
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-29812
< 10.0.22621.5189
Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-29811
< 10.0.22621.5189
Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-29810
< 10.0.22621.5189
Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
7.5 HIGH
CVE-2025-29809
< 10.0.22621.5189
Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.
7.1 HIGH
CVE-2025-27742
< 10.0.22621.5189
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally.
5.5 MEDIUM
CVE-2025-27739
< 10.0.22621.5189
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-27738
< 10.0.22621.5189
Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a netwo
6.5 MEDIUM
CVE-2025-27737
< 10.0.22621.5189
Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.
8.6 HIGH
CVE-2025-27736
< 10.0.22621.5189
Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker t
5.5 MEDIUM
CVE-2025-27735
< 10.0.22621.5189
Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacke
6.0 MEDIUM
CVE-2025-27732
< 10.0.22621.5189
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges lo
7.0 HIGH
CVE-2025-27731
< 10.0.22621.5189
Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-27730
< 10.0.22621.5189
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-27729
< 10.0.22621.5189
Use after free in Windows Shell allows an unauthorized attacker to execute code locally.
7.8 HIGH
CVE-2025-27727
< 10.0.22621.5189
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privi
7.8 HIGH
CVE-2025-27492
< 10.0.22621.5189
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an au
7.0 HIGH
CVE-2025-27491
< 10.0.22621.5189
Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.
7.1 HIGH
CVE-2025-27490
< 10.0.22621.5189
Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-27487
< 10.0.22621.5189
Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.
8.0 HIGH
CVE-2025-27484
< 10.0.22621.5189
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized atta
7.5 HIGH
CVE-2025-27481
< 10.0.22621.5189
Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-27478
< 10.0.22621.5189
Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
7.0 HIGH
CVE-2025-27477
< 10.0.22621.5189
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
8.8 HIGH
CVE-2025-27476
< 10.0.22621.5189
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-27475
< 10.0.22621.5189
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges loc
7.0 HIGH
CVE-2025-27473
< 10.0.22621.5189
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
7.5 HIGH
CVE-2025-27471
< 10.0.22621.5189
Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service
5.9 MEDIUM
CVE-2025-27469
< 10.0.22621.5189
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny
7.5 HIGH
CVE-2025-27467
< 10.0.22621.5189
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-26688
< 10.0.22621.5189
Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-26687
< 10.0.22621.5189
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
7.5 HIGH
CVE-2025-26686
< 10.0.22621.5189
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a networ
7.5 HIGH
CVE-2025-26681
< 10.0.22621.5189
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
6.7 MEDIUM
CVE-2025-26679
< 10.0.22621.5189
Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-26678
< 10.0.22621.5189
Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized attacker to bypass a security featur
8.4 HIGH
CVE-2025-26675
< 10.0.22621.5189
Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
7.8 HIGH
CVE-2025-26674
< 10.0.22621.5189
Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.
7.8 HIGH
CVE-2025-26673
< 10.0.22621.5189
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny
7.5 HIGH
CVE-2025-26672
< 10.0.22621.5189
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over
6.5 MEDIUM
CVE-2025-26670
< 10.0.22621.5189
Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a netw
8.1 HIGH
CVE-2025-26669
< 10.0.22621.5189
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove
8.8 HIGH
CVE-2025-26668
< 10.0.22621.5189
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove
7.5 HIGH
CVE-2025-26666
< 10.0.22621.5189
Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.
7.8 HIGH
CVE-2025-26665
< 10.0.22621.5189
Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges loc
7.0 HIGH
CVE-2025-26663
< 10.0.22621.5189
Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a netw
8.1 HIGH
CVE-2025-26651
< 10.0.22621.5189
Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a n
6.5MEDIUM
CVE-2025-26649
< 10.0.22621.5189
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an au
7.0HIGH
CVE-2025-26648
< 10.0.22621.5189
Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-26644
< 10.0.22621.5189
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows a
5.1MEDIUM
CVE-2025-26641
< 10.0.22621.5189
Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network
7.5HIGH
CVE-2025-26640
< 10.0.22621.5189
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
7.0HIGH
CVE-2025-26639
< 10.0.22621.5189
Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-26637
< 10.0.22621.5189
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical att
6.8MEDIUM
CVE-2025-26635
< 10.0.22621.5189
Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.
6.5MEDIUM
CVE-2025-24074
< 10.0.22621.5189
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24073
< 10.0.22621.5189
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24062
< 10.0.22621.5189
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24060
< 10.0.22621.5189
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24058
< 10.0.22621.5189
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-21222
< 10.0.22621.5189
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
8.8HIGH
CVE-2025-21221
< 10.0.22621.5189
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
8.8HIGH
CVE-2025-21205
< 10.0.22621.5189
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
8.8HIGH
CVE-2025-21204
< 10.0.22621.5189
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate pr
7.8HIGH
CVE-2025-21197
< 10.0.22621.5189
Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the a
6.5MEDIUM
CVE-2025-21191
< 10.0.22621.5189
Time-of-check time-of-use (TOCTOU) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to eleva
7.0HIGH
CVE-2025-26645
< 10.0.22621.5039
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
8.8HIGH
CVE-2025-26634
< 10.0.22621.4890
Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.
7.5HIGH
CVE-2025-26633
< 10.0.22621.5039
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
7.0HIGH
CVE-2025-24997
< 10.0.22621.5039
Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally.
4.4MEDIUM
CVE-2025-24996
< 10.0.22621.5039
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
6.5MEDIUM
CVE-2025-24995
< 10.0.22621.5039
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locall
7.8HIGH
CVE-2025-24994
< 10.0.22621.5039
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
7.3HIGH
CVE-2025-24993
< 10.0.22621.5039
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
7.8HIGH
CVE-2025-24992
< 10.0.22621.5039
Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.
5.5MEDIUM
CVE-2025-24991
< 10.0.22621.5039
Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
5.5MEDIUM
CVE-2025-24988
< 10.0.22621.5039
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
6.6MEDIUM
CVE-2025-24987
< 10.0.22621.5039
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
6.6MEDIUM
CVE-2025-24985
< 10.0.22621.5039
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
7.8HIGH
CVE-2025-24984
< 10.0.22621.5039
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a ph
4.6MEDIUM
CVE-2025-24084
< 10.0.22621.5039
Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.
8.4HIGH
CVE-2025-24076
< 10.0.22621.5039
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
7.3HIGH
CVE-2025-24072
< 10.0.22621.5039
Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24067
< 10.0.22621.5039
Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24066
< 10.0.22621.5039
Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24061
< 10.0.22621.5039
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locall
7.8HIGH
CVE-2025-24059
< 10.0.22621.5039
Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privi
7.8HIGH
CVE-2025-24056
< 10.0.22621.5039
Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.
8.8HIGH
CVE-2025-24055
< 10.0.22621.5039
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack.
4.3MEDIUM
CVE-2025-24054
< 10.0.22621.5039
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
6.5MEDIUM
CVE-2025-24051
< 10.0.22621.5039
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove
8.8HIGH
CVE-2025-24050
< 10.0.22621.5039
Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24048
< 10.0.22621.5039
Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24046
< 10.0.22621.5039
Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24044
< 10.0.22621.5039
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
7.8HIGH
CVE-2025-24035
< 10.0.22621.5039
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute c
8.1HIGH
CVE-2025-21247
< 10.0.22621.5039
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over
4.3MEDIUM
CVE-2025-21180
< 10.0.22621.5039
Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.
7.8HIGH
CVE-2025-21420
< 10.0.22621.4890
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21419
< 10.0.22621.4890
Windows Setup Files Cleanup Elevation of Privilege Vulnerability
7.1HIGH
CVE-2025-21418
< 10.0.22621.4890
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21414
< 10.0.22621.4890
Windows Core Messaging Elevation of Privileges Vulnerability
7.0HIGH
CVE-2025-21407
< 10.0.22621.4890
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21406
< 10.0.22621.4890
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21391
< 10.0.22621.4890
Windows Storage Elevation of Privilege Vulnerability
7.1HIGH
CVE-2025-21377
< 10.0.22621.4890
NTLM Hash Disclosure Spoofing Vulnerability
6.5MEDIUM
CVE-2025-21376
< 10.0.22621.4890
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
8.1HIGH
CVE-2025-21375
< 10.0.22621.4890
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21373
< 10.0.22621.4890
Windows Installer Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21371
< 10.0.22621.4890
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21369
< 10.0.22621.4890
Microsoft Digest Authentication Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21368
< 10.0.22621.4890
Microsoft Digest Authentication Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21367
< 10.0.22621.4890
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21359
< 10.0.22621.4890
Windows Kernel Security Feature Bypass Vulnerability
7.8HIGH
CVE-2025-21358
< 10.0.22621.4890
Windows Core Messaging Elevation of Privileges Vulnerability
7.8HIGH
CVE-2025-21352
< 10.0.22621.4890
Internet Connection Sharing (ICS) Denial of Service Vulnerability
6.5MEDIUM
CVE-2025-21351
< 10.0.22621.4890
Windows Active Directory Domain Services API Denial of Service Vulnerability
7.5HIGH
CVE-2025-21350
< 10.0.22621.4890
Windows Kerberos Denial of Service Vulnerability
5.9MEDIUM
CVE-2025-21349
< 10.0.22621.4890
Windows Remote Desktop Configuration Service Tampering Vulnerability
6.8MEDIUM
CVE-2025-21347
< 10.0.22621.4890
Windows Deployment Services Denial of Service Vulnerability
6.0MEDIUM
CVE-2025-21337
< 10.0.22621.4890
Windows NTFS Elevation of Privilege Vulnerability
3.3LOW
CVE-2025-21254
< 10.0.22621.4890
Internet Connection Sharing (ICS) Denial of Service Vulnerability
6.5MEDIUM
CVE-2025-21216
< 10.0.22621.4890
Internet Connection Sharing (ICS) Denial of Service Vulnerability
6.5MEDIUM
CVE-2025-21212
< 10.0.22621.4890
Internet Connection Sharing (ICS) Denial of Service Vulnerability
6.5MEDIUM
CVE-2025-21201
< 10.0.22621.4890
Windows Telephony Server Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21200
< 10.0.22621.4890
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21190
< 10.0.22621.4890
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21184
< 10.0.22621.4890
Windows Core Messaging Elevation of Privileges Vulnerability
7.0HIGH
CVE-2025-21181
< 10.0.22621.4890
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
7.5HIGH
CVE-2025-21325
< 10.0.22621.4751
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21417
< 10.0.22621.4751
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21413
< 10.0.22621.4751
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21411
< 10.0.22621.4751
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21409
< 10.0.22621.4751
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21389
< 10.0.22621.4751
Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny se
7.5HIGH
CVE-2025-21382
< 10.0.22621.4751
Windows Graphics Component Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21378
< 10.0.22621.4751
Windows CSC Service Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21374
< 10.0.22621.4751
Windows CSC Service Information Disclosure Vulnerability
5.5MEDIUM
CVE-2025-21370
< 10.0.22621.4751
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21343
< 10.0.22621.4751
Windows Web Threat Defense User Service Information Disclosure Vulnerability
7.5HIGH
CVE-2025-21341
< 10.0.22621.4751
Windows Digital Media Elevation of Privilege Vulnerability
6.6MEDIUM
CVE-2025-21340
< 10.0.22621.4751
Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
5.5MEDIUM
CVE-2025-21339
< 10.0.22621.4751
Windows Telephony Service Remote Code Execution Vulnerability
8.8HIGH
CVE-2025-21338
< 10.0.22621.4751
GDI+ Remote Code Execution Vulnerability
7.8HIGH
CVE-2025-21336
< 10.0.22621.4751
Windows Cryptographic Information Disclosure Vulnerability
5.6MEDIUM
CVE-2025-21335
< 10.0.22621.4751
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21334
< 10.0.22621.4751
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21333
< 10.0.22621.4751
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
7.8HIGH
CVE-2025-21332
< 10.0.22621.4751
MapUrlToZone Security Feature Bypass Vulnerability
4.3MEDIUM
CVE-2025-21331
< 10.0.22621.4751
Windows Installer Elevation of Privilege Vulnerability
7.3HIGH
CVE-2025-21330
< 10.0.22621.4751
Windows Remote Desktop Services Denial of Service Vulnerability
7.5HIGH
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin