CVSS: 5.3EPSS: %CPEs: 17EXPL: 0CVE-2025-55229 – Windows Certificate Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-55229
21 Aug 2025 — Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55229 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.8EPSS: %CPEs: 26EXPL: 0CVE-2025-55230 – Windows MBT Transport Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-55230
21 Aug 2025 — Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55230 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2025-48807 – Windows Hyper-V Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-48807
12 Aug 2025 — Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48807 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-53789 – Windows StateRepository API Server file Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53789
12 Aug 2025 — Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53789 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-53778 – Windows NTLM Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53778
12 Aug 2025 — Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53778 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-50155 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50155
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50155 • CWE-122: Heap-based Buffer Overflow CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2025-53766 – GDI+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-53766
12 Aug 2025 — Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53766 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53726 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53726
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53726 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53725 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53725
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53725 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53724 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53724
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53724 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •