CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 4CVE-2025-33073 – Windows SMB Client Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-33073
10 Jun 2025 — Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. • https://packetstorm.news/files/id/200901 • CWE-284: Improper Access Control •
CVSS: 8.1EPSS: 0%CPEs: 23EXPL: 0CVE-2025-33070 – Windows Netlogon Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-33070
10 Jun 2025 — Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33070 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 2%CPEs: 9EXPL: 0CVE-2025-33068 – Windows Standards-Based Storage Management Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-33068
10 Jun 2025 — Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33068 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-33057 – Windows Local Security Authority (LSA) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-33057
10 Jun 2025 — Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33057 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-33056 – Windows Local Security Authority (LSA) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-33056
10 Jun 2025 — Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33056 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 32%CPEs: 26EXPL: 4CVE-2025-33053 – Microsoft Windows External Control of File Name or Path Vulnerability
https://notcve.org/view.php?id=CVE-2025-33053
10 Jun 2025 — External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network. External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network. Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files. • https://packetstorm.news/files/id/200915 • CWE-73: External Control of File Name or Path •
CVSS: 8.1EPSS: 0%CPEs: 12EXPL: 0CVE-2025-33071 – Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-33071
10 Jun 2025 — Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33071 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-47955 – Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-47955
10 Jun 2025 — Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47955 • CWE-269: Improper Privilege Management •
CVSS: 6.4EPSS: 0%CPEs: 21EXPL: 0CVE-2025-47160 – Windows Shortcut Files Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-47160
10 Jun 2025 — Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47160 • CWE-693: Protection Mechanism Failure •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-33066 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-33066
10 Jun 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33066 • CWE-122: Heap-based Buffer Overflow •