CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26627 – Azure Arc Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-26627
11 Mar 2025 — Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26627 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24049 – Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24049
11 Mar 2025 — Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24049 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24994 – Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24994
11 Mar 2025 — Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24994 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 2%CPEs: 26EXPL: 0CVE-2025-24993 – Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-24993
11 Mar 2025 — Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24993 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24992 – Windows NTFS Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24992
11 Mar 2025 — Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24992 • CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 2%CPEs: 26EXPL: 0CVE-2025-24991 – Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2025-24991
11 Mar 2025 — Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24991 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 7%CPEs: 26EXPL: 0CVE-2025-24985 – Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-24985
11 Mar 2025 — Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 4.9EPSS: 16%CPEs: 21EXPL: 0CVE-2025-24984 – Microsoft Windows NTFS Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24984
11 Mar 2025 — Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24984 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.0EPSS: 1%CPEs: 13EXPL: 0CVE-2025-24983 – Microsoft Windows Win32k Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-24983
11 Mar 2025 — Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24983 • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2025-24084 – Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24084
11 Mar 2025 — Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24084 • CWE-822: Untrusted Pointer Dereference •