CVSS: 5.6EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29956 – Windows SMB Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29956
13 May 2025 — Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29956 • CWE-126: Buffer Over-read •
CVSS: 5.9EPSS: 1%CPEs: 23EXPL: 0CVE-2025-29954 – Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-29954
13 May 2025 — Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29954 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29839 – Windows Multiple UNC Provider Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29839
13 May 2025 — Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29839 • CWE-125: Out-of-bounds Read •
CVSS: 6.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29837 – Windows Installer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29837
13 May 2025 — Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. By creating a symbolic link, an attacker can abuse the ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29837 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29836 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29836
13 May 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29836 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-29835 – Windows Remote Access Connection Manager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29835
13 May 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29835 • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •
CVSS: 7.7EPSS: 0%CPEs: 21EXPL: 0CVE-2025-29833 – Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29833
13 May 2025 — Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an authorized attacker to execute code over a network. Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29833 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29832 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29832
13 May 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29832 • CWE-125: Out-of-bounds Read •
CVSS: 7.6EPSS: 0%CPEs: 14EXPL: 0CVE-2025-29831 – Windows Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29831
13 May 2025 — Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29831 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29830 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29830
13 May 2025 — Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29830 • CWE-908: Use of Uninitialized Resource •