CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2025-48807 – Windows Hyper-V Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-48807
12 Aug 2025 — Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48807 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-53789 – Windows StateRepository API Server file Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53789
12 Aug 2025 — Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53789 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-53778 – Windows NTLM Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53778
12 Aug 2025 — Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53778 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-50155 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50155
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50155 • CWE-122: Heap-based Buffer Overflow CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-50157 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-50157
12 Aug 2025 — Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50157 • CWE-908: Use of Uninitialized Resource •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2025-53766 – GDI+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-53766
12 Aug 2025 — Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53766 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53726 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53726
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53726 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53725 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53725
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53725 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53724 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53724
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53724 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53723 – Windows Hyper-V Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53723
12 Aug 2025 — Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Virtual Hard Disk Miniport driver. The issue results from the lack of proper validation of user-supplied data, which can res... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53723 • CWE-122: Heap-based Buffer Overflow CWE-197: Numeric Truncation Error •