CVSS: 6.7EPSS: 0%CPEs: 21EXPL: 0CVE-2025-54915 – Windows Defender Firewall Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-54915
09 Sep 2025 — Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54915 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2025-54912 – Windows BitLocker Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-54912
09 Sep 2025 — Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54912 • CWE-416: Use After Free •
CVSS: 7.3EPSS: 0%CPEs: 19EXPL: 0CVE-2025-54911 – Windows BitLocker Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-54911
09 Sep 2025 — Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54911 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2025-54113 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-54113
09 Sep 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54113 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.7EPSS: 0%CPEs: 21EXPL: 0CVE-2025-54109 – Windows Defender Firewall Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-54109
09 Sep 2025 — Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54109 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0CVE-2025-54107 – MapUrlToZone Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-54107
09 Sep 2025 — Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54107 • CWE-41: Improper Resolution of Path Equivalence •
CVSS: 6.7EPSS: 0%CPEs: 21EXPL: 0CVE-2025-54104 – Windows Defender Firewall Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-54104
09 Sep 2025 — Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54104 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2025-54098 – Windows Hyper-V Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-54098
09 Sep 2025 — Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54098 • CWE-284: Improper Access Control •
CVSS: 6.7EPSS: 0%CPEs: 21EXPL: 0CVE-2025-54094 – Windows Defender Firewall Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-54094
09 Sep 2025 — Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54094 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.0EPSS: 0%CPEs: 21EXPL: 0CVE-2025-54093 – Windows TCP/IP Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-54093
09 Sep 2025 — Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54093 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •