CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21298 – Windows OLE Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21298
14 Jan 2025 — Windows OLE Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RTF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage t... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2025-21296 – BranchCache Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21296
14 Jan 2025 — BranchCache Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21296 • CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 23EXPL: 0CVE-2025-21295 – SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21295
14 Jan 2025 — SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21295 • CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21294 – Microsoft Digest Authentication Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21294
14 Jan 2025 — Microsoft Digest Authentication Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21294 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 9.0EPSS: 0%CPEs: 21EXPL: 0CVE-2025-21293 – Active Directory Domain Services Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-21293
14 Jan 2025 — Active Directory Domain Services Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21293 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21290 – Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-21290
14 Jan 2025 — Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21290 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21289 – Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-21289
14 Jan 2025 — Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21289 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21288 – Windows COM Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21288
14 Jan 2025 — Windows COM Server Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21288 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21285 – Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-21285
14 Jan 2025 — Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21285 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2025-21284 – Windows Virtual Trusted Platform Module Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-21284
14 Jan 2025 — Windows Virtual Trusted Platform Module Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21284 • CWE-20: Improper Input Validation •