CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2025-26645 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26645
11 Mar 2025 — Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26645 • CWE-23: Relative Path Traversal CWE-284: Improper Access Control •
CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-26633 – Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability
https://notcve.org/view.php?id=CVE-2025-26633
11 Mar 2025 — Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of MSC files. The product does not warn the user before loading an unexpected MSC file. An a... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26633 • CWE-707: Improper Neutralization •
CVSS: 7.8EPSS: 2%CPEs: 26EXPL: 0CVE-2025-24993 – Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-24993
11 Mar 2025 — Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24993 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24992 – Windows NTFS Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24992
11 Mar 2025 — Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24992 • CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 2%CPEs: 26EXPL: 0CVE-2025-24991 – Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2025-24991
11 Mar 2025 — Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24991 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 7%CPEs: 26EXPL: 0CVE-2025-24985 – Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-24985
11 Mar 2025 — Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.0EPSS: 1%CPEs: 13EXPL: 0CVE-2025-24983 – Microsoft Windows Win32k Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-24983
11 Mar 2025 — Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24983 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24072 – Microsoft Local Security Authority (LSA) Server Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24072
11 Mar 2025 — Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24072 • CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 17EXPL: 0CVE-2025-24064 – Windows Domain Name Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24064
11 Mar 2025 — Use after free in DNS Server allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24064 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24059 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24059
11 Mar 2025 — Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24059 • CWE-125: Out-of-bounds Read CWE-681: Incorrect Conversion between Numeric Types •