CVSS: 10.0EPSS: 44%CPEs: 26EXPL: 4CVE-2025-33053 – Microsoft Windows External Control of File Name or Path Vulnerability
https://notcve.org/view.php?id=CVE-2025-33053
10 Jun 2025 — External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network. External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network. Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files. • https://packetstorm.news/files/id/200915 • CWE-73: External Control of File Name or Path •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2025-33052 – Windows DWM Core Library Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-33052
10 Jun 2025 — Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33052 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24065 – Windows Storage Management Provider Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24065
10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24065 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24069 – Windows Storage Management Provider Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24069
10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24069 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24068 – Windows Storage Management Provider Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24068
10 Jun 2025 — Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24068 • CWE-126: Buffer Over-read •
CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2025-47969 – Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-47969
10 Jun 2025 — Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47969 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-47955 – Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-47955
10 Jun 2025 — Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47955 • CWE-269: Improper Privilege Management •
CVSS: 6.4EPSS: 0%CPEs: 21EXPL: 0CVE-2025-47160 – Windows Shortcut Files Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-47160
10 Jun 2025 — Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47160 • CWE-693: Protection Mechanism Failure •
CVSS: 8.4EPSS: 0%CPEs: 17EXPL: 0CVE-2025-33067 – Windows Task Scheduler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-33067
10 Jun 2025 — Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33067 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-33066 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-33066
10 Jun 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33066 • CWE-122: Heap-based Buffer Overflow •