CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-25003 – Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-25003
11 Mar 2025 — Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25003 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24998 – Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24998
11 Mar 2025 — Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24998 • CWE-427: Uncontrolled Search Path Element •
CVSS: 4.4EPSS: 0%CPEs: 10EXPL: 0CVE-2025-24997 – DirectX Graphics Kernel File Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-24997
11 Mar 2025 — Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24997 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-24996 – NTLM Hash Disclosure Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-24996
11 Mar 2025 — External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24996 • CWE-73: External Control of File Name or Path •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24995 – Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24995
11 Mar 2025 — Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24995 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21180 – Windows exFAT File System Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21180
11 Mar 2025 — Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21180 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24988 – Windows USB Video Class System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24988
11 Mar 2025 — Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24988 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24987 – Windows USB Video Class System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24987
11 Mar 2025 — Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24987 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24986 – Azure Promptflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24986
11 Mar 2025 — Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986 • CWE-653: Improper Isolation or Compartmentalization •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24083 – Microsoft Office Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24083
11 Mar 2025 — Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24083 • CWE-822: Untrusted Pointer Dereference •