
CVE-2025-24062 – Microsoft DWM Core Library Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24062
08 Apr 2025 — Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24062 • CWE-20: Improper Input Validation •

CVE-2025-24060 – Microsoft DWM Core Library Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24060
08 Apr 2025 — Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24060 • CWE-20: Improper Input Validation •

CVE-2025-29811 – Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29811
08 Apr 2025 — Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29811 • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •

CVE-2025-29819 – Windows Admin Center in Azure Portal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29819
08 Apr 2025 — External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819 • CWE-73: External Control of File Name or Path •

CVE-2025-29812 – DirectX Graphics Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29812
08 Apr 2025 — Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the dxkrnl.sys driver. The issue results from the lack of proper validation of a user-supplied value prior to derefer... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29812 • CWE-822: Untrusted Pointer Dereference •

CVE-2025-29810 – Active Directory Domain Services Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29810
08 Apr 2025 — Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29810 • CWE-284: Improper Access Control •

CVE-2025-29808 – Windows Cryptographic Services Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29808
08 Apr 2025 — Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29808 • CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation •

CVE-2025-29809 – Windows Kerberos Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-29809
08 Apr 2025 — Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29809 • CWE-922: Insecure Storage of Sensitive Information •

CVE-2025-27739 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-27739
08 Apr 2025 — Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27739 • CWE-822: Untrusted Pointer Dereference •

CVE-2025-27738 – Windows Resilient File System (ReFS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-27738
08 Apr 2025 — Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27738 • CWE-284: Improper Access Control •