CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21240 – Windows Telephony Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21240
14 Jan 2025 — Windows Telephony Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21240 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21250 – Windows Telephony Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21250
14 Jan 2025 — Windows Telephony Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21250 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21417 – Windows Telephony Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21417
14 Jan 2025 — Windows Telephony Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21417 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21246 – Windows Telephony Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21246
14 Jan 2025 — Windows Telephony Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21246 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21326 – Internet Explorer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21326
14 Jan 2025 — Internet Explorer Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21326 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21402 – Microsoft Office OneNote Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21402
14 Jan 2025 — Microsoft Office OneNote Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21402 • CWE-641: Improper Restriction of Names for Files and Other Resources •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21361 – Microsoft Outlook Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21361
14 Jan 2025 — Microsoft Outlook Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21361 • CWE-641: Improper Restriction of Names for Files and Other Resources •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21339 – Windows Telephony Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21339
14 Jan 2025 — Windows Telephony Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21339 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2025-21338 – GDI+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21338
14 Jan 2025 — GDI+ Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21338 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-21331 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-21331
14 Jan 2025 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21331 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •