CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2025-53131 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-53131
12 Aug 2025 — Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53131 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50177 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-50177
12 Aug 2025 — Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50177 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-50176 – DirectX Graphics Kernel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-50176
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50176 • CWE-122: Heap-based Buffer Overflow CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50173 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50173
12 Aug 2025 — Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50173 • CWE-1390: Weak Authentication •
CVSS: 6.8EPSS: 1%CPEs: 13EXPL: 0CVE-2025-50172 – DirectX Graphics Kernel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-50172
12 Aug 2025 — Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50172 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.4EPSS: 0%CPEs: 10EXPL: 0CVE-2025-50171 – Remote Desktop Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-50171
12 Aug 2025 — Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50171 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2025-50170 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50170
12 Aug 2025 — Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50170 • CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-50168 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50168
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kbase driver. The issue results from the lack of proper validation of user-... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50168 • CWE-122: Heap-based Buffer Overflow CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-50167 – Windows Hyper-V Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50167
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Virtual Hard Disk Miniport driver. The issue results from... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50167 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50166 – Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-50166
12 Aug 2025 — Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50166 • CWE-190: Integer Overflow or Wraparound •