CVSS: 7.6EPSS: 0%CPEs: 14EXPL: 0CVE-2025-29831 – Windows Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29831
13 May 2025 — Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29831 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29830 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29830
13 May 2025 — Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29830 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2025-29829 – Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29829
13 May 2025 — Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29829 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2025-26677 – Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-26677
13 May 2025 — Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26677 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 4%CPEs: 26EXPL: 0CVE-2025-32709 – Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-32709
13 May 2025 — Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32709 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 15%CPEs: 26EXPL: 0CVE-2025-32706 – Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-32706
13 May 2025 — Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Microsoft Windows Common Log File System (CLFS) Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32706 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 5%CPEs: 26EXPL: 0CVE-2025-32701 – Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-32701
13 May 2025 — Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32701 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 4%CPEs: 13EXPL: 1CVE-2025-30400 – Microsoft Windows DWM Core Library Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-30400
13 May 2025 — Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. • https://github.com/encrypter15/CVE-2025-30400 • CWE-416: Use After Free •
CVSS: 8.6EPSS: 0%CPEs: 12EXPL: 0CVE-2025-30394 – Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-30394
13 May 2025 — Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Remote Desktop Gateway service. The issue results from dereferencing a null pointer. An attacker can leverage this vulnerability to cr... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30394 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 7.0EPSS: 0%CPEs: 21EXPL: 0CVE-2025-27468 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-27468
13 May 2025 — Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27468 • CWE-269: Improper Privilege Management •