CVSS: 6.2EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29957 – Windows Deployment Services Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-29957
13 May 2025 — Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29957 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.6EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29956 – Windows SMB Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29956
13 May 2025 — Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29956 • CWE-126: Buffer Over-read •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2025-29955 – Windows Hyper-V Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-29955
13 May 2025 — Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29955 • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 1%CPEs: 23EXPL: 0CVE-2025-29954 – Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-29954
13 May 2025 — Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29954 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.6EPSS: 0%CPEs: 17EXPL: 0CVE-2025-29842 – UrlMon Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-29842
13 May 2025 — Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29842 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •
CVSS: 7.0EPSS: 0%CPEs: 10EXPL: 0CVE-2025-29841 – Universal Print Management Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29841
13 May 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29841 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 14EXPL: 0CVE-2025-29840 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29840
13 May 2025 — Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29840 • CWE-121: Stack-based Buffer Overflow •
CVSS: 4.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29839 – Windows Multiple UNC Provider Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29839
13 May 2025 — Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29839 • CWE-125: Out-of-bounds Read •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-29838 – Windows ExecutionContext Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29838
13 May 2025 — Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29838 • CWE-476: NULL Pointer Dereference •
CVSS: 6.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29837 – Windows Installer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29837
13 May 2025 — Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. By creating a symbolic link, an attacker can abuse the ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29837 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •