CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-50167 – Windows Hyper-V Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50167
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Virtual Hard Disk Miniport driver. The issue results from... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50167 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50166 – Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-50166
12 Aug 2025 — Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50166 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50161 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50161
12 Aug 2025 — Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50161 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.3EPSS: 0%CPEs: 21EXPL: 0CVE-2025-50159 – Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50159
12 Aug 2025 — Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50159 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50158 – Windows NTFS Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-50158
12 Aug 2025 — Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50158 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 1%CPEs: 26EXPL: 2CVE-2025-50154 – Microsoft Windows File Explorer Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-50154
12 Aug 2025 — Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. • https://packetstorm.news/files/id/208513 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2025-50153 – Desktop Windows Manager Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50153
12 Aug 2025 — Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50153 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-49762 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-49762
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49762 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-49761 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-49761
12 Aug 2025 — Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49761 • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 26EXPL: 0CVE-2025-49743 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-49743
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49743 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •