CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 1CVE-2025-60719 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-60719
11 Nov 2025 — Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. • https://packetstorm.news/files/id/212597 • CWE-822: Untrusted Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2025-34193 – Vasion Print (formerly PrinterLogic) Insecure Windows Components Lack Modern Memory Protections and Use Outdated Runtimes
https://notcve.org/view.php?id=CVE-2025-34193
19 Sep 2025 — Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components (PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerClientLauncher.exe) that lack modern compile-time and runtime exploit mitigations and rely on outdated runtimes. Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Win... • https://www.vulncheck.com/advisories/vasion-print-printerlogic-insecure-windows-components-lack-modern-memory-protections-and-use-outdated-runtimes • CWE-755: Improper Handling of Exceptional Conditions CWE-1104: Use of Unmaintained Third Party Components •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-34195 – Vasion Print (formerly PrinterLogic) Unquoted Path During Driver Installation Leads to Execution of C:\Program.exe
https://notcve.org/view.php?id=CVE-2025-34195
19 Sep 2025 — Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (Windows client deployments) contain a remote code execution vulnerability during driver installation caused by unquoted program paths. Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (Windows client deployments) contain a remote code execution vulnerability during driver installation caus... • https://www.vulncheck.com/advisories/vasion-print-printerlogic-unquoted-path-during-driver-installation • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 1CVE-2025-49730 – Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-49730
08 Jul 2025 — Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally. • https://www.exploit-db.com/exploits/52399 • CWE-122: Heap-based Buffer Overflow CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 1%CPEs: 26EXPL: 1CVE-2025-29824 – Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-29824
08 Apr 2025 — Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. • https://github.com/encrypter15/CVE-2025-29824 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 26EXPL: 1CVE-2025-24985 – Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-24985
11 Mar 2025 — Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally. • https://github.com/airbus-cert/cve-2025-24985 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 10%CPEs: 26EXPL: 1CVE-2025-21307 – Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21307
14 Jan 2025 — Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability • https://github.com/git-account7/CVE-2025-21307 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 86%CPEs: 26EXPL: 10CVE-2024-49138 – Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2024-49138
10 Dec 2024 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges. • https://packetstorm.news/files/id/190585 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1CVE-2024-49114 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-49114
10 Dec 2024 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability The Microsoft Windows kernel is susceptible to a false file immutability attack on registry hives via the Cloud Filter API. • https://packetstorm.news/files/id/183324 • CWE-820: Missing Synchronization •
CVSS: 7.0EPSS: 0%CPEs: 25EXPL: 1CVE-2024-43535 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-43535
08 Oct 2024 — Windows Kernel-Mode Driver Elevation of Privilege Vulnerability • https://github.com/jayesther/KTM_POCS • CWE-416: Use After Free •