CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 2CVE-2025-54100 – PowerShell Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-54100
09 Dec 2025 — Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally. • https://packetstorm.news/files/id/212823 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2025-64678 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-64678
09 Dec 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64678 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2025-62455 – Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-62455
09 Dec 2025 — Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62455 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-62571 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-62571
09 Dec 2025 — Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62571 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2025-62549 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-62549
09 Dec 2025 — Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62549 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-62473 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-62473
09 Dec 2025 — Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62473 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-62472 – Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-62472
09 Dec 2025 — Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62472 • CWE-416: Use After Free CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-62470 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-62470
09 Dec 2025 — Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62470 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-62466 – Windows Client-Side Caching Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-62466
09 Dec 2025 — Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62466 • CWE-476: NULL Pointer Dereference •
CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 0CVE-2025-62213 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-62213
11 Nov 2025 — Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62213 • CWE-416: Use After Free •