CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-53134 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53134
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53134 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-53132 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53132
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges over a network. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from th... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53132 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50177 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-50177
12 Aug 2025 — Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50177 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50173 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50173
12 Aug 2025 — Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50173 • CWE-1390: Weak Authentication •
CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-50167 – Windows Hyper-V Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50167
12 Aug 2025 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Virtual Hard Disk Miniport driver. The issue results from... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50167 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50166 – Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-50166
12 Aug 2025 — Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50166 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.0EPSS: 0%CPEs: 17EXPL: 0CVE-2025-50164 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-50164
12 Aug 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50164 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0CVE-2025-50163 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-50163
12 Aug 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50163 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 0%CPEs: 17EXPL: 0CVE-2025-50162 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-50162
12 Aug 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50162 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.3EPSS: 0%CPEs: 26EXPL: 0CVE-2025-50161 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50161
12 Aug 2025 — Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50161 • CWE-122: Heap-based Buffer Overflow •