CVSS: 7.8EPSS: 70%CPEs: 19EXPL: 11CVE-2025-24071 – Microsoft Windows File Explorer Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-24071
11 Mar 2025 — Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. • https://packetstorm.news/files/id/189903 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24067 – Kernel Streaming Service Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24067
11 Mar 2025 — Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24067 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24066 – Kernel Streaming Service Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24066
11 Mar 2025 — Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24066 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24064 – Windows Domain Name Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24064
11 Mar 2025 — Use after free in DNS Server allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24064 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24061 – Windows Mark of the Web Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-24061
11 Mar 2025 — Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24061 • CWE-693: Protection Mechanism Failure •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24059 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24059
11 Mar 2025 — Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24059 • CWE-125: Out-of-bounds Read CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24056 – Windows Telephony Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24056
11 Mar 2025 — Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24056 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.6EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24055 – Windows USB Video Class System Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24055
11 Mar 2025 — Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24055 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 39%CPEs: 23EXPL: 5CVE-2025-24054 – Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-24054
11 Mar 2025 — External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. It took 7 years, but Microsoft finally realized a vulnerability was severe enough to be addressed and it was not until other researchers also reported it, that the original researcher finally got credited after pointing it out. Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network. • https://www.exploit-db.com/exploits/52280 • CWE-73: External Control of File Name or Path •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24051 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24051
11 Mar 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24051 • CWE-122: Heap-based Buffer Overflow •