CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29959 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29959
13 May 2025 — Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29959 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2025-24062 – Microsoft DWM Core Library Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24062
08 Apr 2025 — Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24062 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2025-24060 – Microsoft DWM Core Library Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24060
08 Apr 2025 — Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24060 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-29811 – Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29811
08 Apr 2025 — Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29811 • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-29812 – DirectX Graphics Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29812
08 Apr 2025 — Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the dxkrnl.sys driver. The issue results from the lack of proper validation of a user-supplied value prior to derefer... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29812 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 1CVE-2025-29810 – Active Directory Domain Services Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29810
08 Apr 2025 — Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network. • https://github.com/aleongx/CVE-2025-29810-check • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0CVE-2025-29809 – Windows Kerberos Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-29809
08 Apr 2025 — Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29809 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2025-27739 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-27739
08 Apr 2025 — Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27739 • CWE-822: Untrusted Pointer Dereference •
CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-27738 – Windows Resilient File System (ReFS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-27738
08 Apr 2025 — Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27738 • CWE-284: Improper Access Control •
CVSS: 8.6EPSS: 0%CPEs: 26EXPL: 0CVE-2025-27737 – Windows Security Zone Mapping Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-27737
08 Apr 2025 — Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27737 • CWE-20: Improper Input Validation •