933 results (0.003 seconds)

CVSS: 8.8EPSS: %CPEs: 26EXPL: 0

10 Jun 2025 — Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33073 • CWE-284: Improper Access Control •

CVSS: 8.1EPSS: %CPEs: 23EXPL: 0

10 Jun 2025 — Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33070 • CWE-908: Use of Uninitialized Resource •

CVSS: 7.5EPSS: %CPEs: 9EXPL: 0

10 Jun 2025 — Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33068 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5EPSS: %CPEs: 26EXPL: 0

10 Jun 2025 — Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33057 • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: %CPEs: 26EXPL: 0

10 Jun 2025 — Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33056 • CWE-284: Improper Access Control •

CVSS: 5.5EPSS: %CPEs: 17EXPL: 0

10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33055 • CWE-125: Out-of-bounds Read •

CVSS: 10.0EPSS: %CPEs: 26EXPL: 0

10 Jun 2025 — External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network. Web Distributed Authoring and Versioning (WebDAV) contains an external control of file name or path vulnerability. This vulnerability could allow an unauthorized attacker to execute code over a network. This vulnerability could affect various products that implement WebDAV, including but not limited to Microsoft Windows. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33053 • CWE-73: External Control of File Name or Path •

CVSS: 5.5EPSS: %CPEs: 13EXPL: 0

10 Jun 2025 — Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33052 • CWE-908: Use of Uninitialized Resource •

CVSS: 7.5EPSS: %CPEs: 8EXPL: 0

10 Jun 2025 — Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33050 • CWE-693: Protection Mechanism Failure •

CVSS: 7.5EPSS: %CPEs: 8EXPL: 0

10 Jun 2025 — Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32725 • CWE-693: Protection Mechanism Failure •