CVSS: 7.8EPSS: 9%CPEs: 26EXPL: 0CVE-2025-24985 – Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-24985
11 Mar 2025 — Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 4.9EPSS: 19%CPEs: 21EXPL: 0CVE-2025-24984 – Microsoft Windows NTFS Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24984
11 Mar 2025 — Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24984 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.0EPSS: 1%CPEs: 13EXPL: 0CVE-2025-24983 – Microsoft Windows Win32k Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-24983
11 Mar 2025 — Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24983 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24072 – Microsoft Local Security Authority (LSA) Server Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24072
11 Mar 2025 — Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24072 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 36%CPEs: 19EXPL: 10CVE-2025-24071 – Microsoft Windows File Explorer Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-24071
11 Mar 2025 — Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. • https://packetstorm.news/files/id/189903 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24064 – Windows Domain Name Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24064
11 Mar 2025 — Use after free in DNS Server allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24064 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24059 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24059
11 Mar 2025 — Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24059 • CWE-125: Out-of-bounds Read CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24056 – Windows Telephony Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24056
11 Mar 2025 — Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24056 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.6EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24055 – Windows USB Video Class System Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24055
11 Mar 2025 — Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24055 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-24054 – NTLM Hash Disclosure Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-24054
11 Mar 2025 — External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24054 • CWE-73: External Control of File Name or Path •