CVSS: 4.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29839 – Windows Multiple UNC Provider Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29839
13 May 2025 — Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29839 • CWE-125: Out-of-bounds Read •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-29838 – Windows ExecutionContext Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29838
13 May 2025 — Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29838 • CWE-476: NULL Pointer Dereference •
CVSS: 6.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29837 – Windows Installer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29837
13 May 2025 — Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. By creating a symbolic link, an attacker can abuse the ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29837 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29836 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29836
13 May 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29836 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-29835 – Windows Remote Access Connection Manager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29835
13 May 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29835 • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •
CVSS: 7.7EPSS: 0%CPEs: 21EXPL: 0CVE-2025-29833 – Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29833
13 May 2025 — Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an authorized attacker to execute code over a network. Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29833 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29832 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29832
13 May 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29832 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29830 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29830
13 May 2025 — Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29830 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2025-29829 – Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29829
13 May 2025 — Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29829 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 4%CPEs: 26EXPL: 0CVE-2025-32709 – Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-32709
13 May 2025 — Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32709 • CWE-416: Use After Free •