CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2025-48807 – Windows Hyper-V Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-48807
12 Aug 2025 — Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48807 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-53789 – Windows StateRepository API Server file Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53789
12 Aug 2025 — Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53789 • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-53779 – Windows Kerberos Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53779
12 Aug 2025 — Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53779 • CWE-23: Relative Path Traversal •
CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-53778 – Windows NTLM Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53778
12 Aug 2025 — Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53778 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-50155 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-50155
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50155 • CWE-122: Heap-based Buffer Overflow CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-50157 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-50157
12 Aug 2025 — Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50157 • CWE-908: Use of Uninitialized Resource •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2025-53766 – GDI+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-53766
12 Aug 2025 — Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53766 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53726 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53726
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53726 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53725 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53725
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53725 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-53724 – Windows Push Notifications Apps Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-53724
12 Aug 2025 — Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53724 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •