CVSS: 10.0EPSS: 0%CPEs: 27EXPL: 0CVE-2025-60724 – GDI+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-60724
11 Nov 2025 — Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60724 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-60720 – Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-60720
11 Nov 2025 — Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60720 • CWE-126: Buffer Over-read •
CVSS: 9.0EPSS: 0%CPEs: 24EXPL: 0CVE-2025-60715 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-60715
11 Nov 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60715 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2025-60714 – Windows OLE Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-60714
11 Nov 2025 — Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60714 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-59514 – Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-59514
11 Nov 2025 — Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59514 • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 0%CPEs: 24EXPL: 0CVE-2025-62452 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-62452
11 Nov 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62452 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 0CVE-2025-62217 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-62217
11 Nov 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62217 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 1CVE-2025-60719 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-60719
11 Nov 2025 — Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. • https://packetstorm.news/files/id/212597 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-60709 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-60709
11 Nov 2025 — Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the clfs.sys driver. The issue results from the lack of proper validation of user-supplied data, whic... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60709 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-60705 – Windows Client-Side Caching Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-60705
11 Nov 2025 — Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60705 • CWE-284: Improper Access Control •