Page 6 of 565 results (0.003 seconds)

CVSS: 8.8EPSS: 0%CPEs: 26EXPL: 0

08 Jul 2025 — Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47986 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

08 Jul 2025 — Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47985 • CWE-822: Untrusted Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

08 Jul 2025 — Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47984 • CWE-693: Protection Mechanism Failure •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

08 Jul 2025 — Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47976 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

08 Jul 2025 — Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47971 • CWE-126: Buffer Over-read •

CVSS: 8.8EPSS: 0%CPEs: 26EXPL: 0

08 Jul 2025 — Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of proper validation of user-supplied data, which can result in a... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49727 • CWE-122: Heap-based Buffer Overflow •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

08 Jul 2025 — Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of proper validation of user-supplied data, which can resu... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49732 • CWE-122: Heap-based Buffer Overflow •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

08 Jul 2025 — Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of proper validation of user-supplied data, which can result... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49742 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •

CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 4

10 Jun 2025 — Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. • https://packetstorm.news/files/id/200901 • CWE-284: Improper Access Control •

CVSS: 8.1EPSS: 0%CPEs: 23EXPL: 0

10 Jun 2025 — Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33070 • CWE-908: Use of Uninitialized Resource •