CVSS: 7.0EPSS: 0%CPEs: 19EXPL: 0CVE-2025-53135 – DirectX Graphics Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53135
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53135 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-53134 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53134
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53134 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-53132 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53132
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges over a network. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from th... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53132 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2025-53131 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-53131
12 Aug 2025 — Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53131 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50177 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-50177
12 Aug 2025 — Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50177 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-50176 – DirectX Graphics Kernel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-50176
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50176 • CWE-122: Heap-based Buffer Overflow CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50173 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50173
12 Aug 2025 — Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50173 • CWE-1390: Weak Authentication •
CVSS: 6.8EPSS: 1%CPEs: 13EXPL: 0CVE-2025-50172 – DirectX Graphics Kernel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-50172
12 Aug 2025 — Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50172 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.4EPSS: 0%CPEs: 10EXPL: 0CVE-2025-50171 – Remote Desktop Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-50171
12 Aug 2025 — Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50171 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2025-50170 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50170
12 Aug 2025 — Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50170 • CWE-280: Improper Handling of Insufficient Permissions or Privileges •