CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-24063 – Kernel Streaming Service Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24063
13 May 2025 — Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24063 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2025-32707 – NTFS Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-32707
13 May 2025 — Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32707 • CWE-125: Out-of-bounds Read •
CVSS: 7.6EPSS: 11%CPEs: 26EXPL: 0CVE-2025-30397 – Microsoft Windows Scripting Engine Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-30397
13 May 2025 — Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30397 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2025-30388 – Windows Graphics Component Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-30388
13 May 2025 — Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30388 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-30385 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-30385
13 May 2025 — Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30385 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29974 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29974
13 May 2025 — Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29974 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2025-29963 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29963
13 May 2025 — Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29963 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29962 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29962
13 May 2025 — Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29962 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29961 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29961
13 May 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29961 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29958 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29958
13 May 2025 — Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29958 • CWE-908: Use of Uninitialized Resource •