CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-21331 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-21331
14 Jan 2025 — Windows Installer Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. By creating a mount point, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate pri... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21331 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21324 – Windows Digital Media Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-21324
14 Jan 2025 — Windows Digital Media Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21324 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2025-21323 – Windows Kernel Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21323
14 Jan 2025 — Windows Kernel Memory Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21323 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2025-21317 – Windows Kernel Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21317
14 Jan 2025 — Windows Kernel Memory Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21317 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 2.4EPSS: 0%CPEs: 18EXPL: 0CVE-2025-21312 – Windows Smart Card Reader Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21312
14 Jan 2025 — Windows Smart Card Reader Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21312 • CWE-908: Use of Uninitialized Resource •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21310 – Windows Digital Media Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-21310
14 Jan 2025 — Windows Digital Media Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21310 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2025-21308 – Windows Themes Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-21308
14 Jan 2025 — Windows Themes Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21308 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21307 – Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21307
14 Jan 2025 — Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21307 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21305 – Windows Telephony Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21305
14 Jan 2025 — Windows Telephony Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21305 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21300 – Windows upnphost.dll Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-21300
14 Jan 2025 — Windows upnphost.dll Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21300 • CWE-400: Uncontrolled Resource Consumption •