
CVE-2025-32713 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-32713
10 Jun 2025 — Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32713 • CWE-122: Heap-based Buffer Overflow •

CVE-2025-32712 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-32712
10 Jun 2025 — Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32712 • CWE-416: Use After Free •

CVE-2025-32714 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-32714
10 Jun 2025 — Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. The service uses a resource from an unsecured location. An attacker can leverage this vulnerabil... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32714 • CWE-284: Improper Access Control •

CVE-2025-33075 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-33075
10 Jun 2025 — Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. By creating a symbolic link, an attacker can abuse the se... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33075 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2025-24063 – Kernel Streaming Service Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24063
13 May 2025 — Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24063 • CWE-122: Heap-based Buffer Overflow •

CVE-2025-30397 – Microsoft Windows Scripting Engine Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-30397
13 May 2025 — Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL. • https://packetstorm.news/files/id/200680 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVE-2025-30388 – Windows Graphics Component Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-30388
13 May 2025 — Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30388 • CWE-122: Heap-based Buffer Overflow •

CVE-2025-30385 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-30385
13 May 2025 — Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30385 • CWE-416: Use After Free •

CVE-2025-29974 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29974
13 May 2025 — Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29974 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •

CVE-2025-29963 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29963
13 May 2025 — Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29963 • CWE-122: Heap-based Buffer Overflow •