CVE-2025-29812
Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
CVE-2025-29811
Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.
CVE-2025-27492
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
CVE-2025-27475
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally.
CVE-2025-26651
Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.
CVE-2025-26649
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
CVE-2025-24994
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
CVE-2025-24084
Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.
CVE-2025-24076
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
CVE-2025-21370
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVE-2025-21343
Windows Web Threat Defense User Service Information Disclosure Vulnerability