CVE-2025-53809
Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.
CVE-2025-53156
Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an authorized attacker to disclose information locally.
CVE-2025-53133
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVE-2025-50169
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB allows an unauthorized attacker to execute code over a network.
CVE-2025-50165
Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
CVE-2025-49694
Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2025-48810
Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally.
CVE-2025-48809
Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2025-48002
Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network.
CVE-2025-47993
Improper access control in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-26636
Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2025-33069
Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-29970
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2025-29955
Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.
CVE-2025-29838
Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally.
CVE-2025-27728
Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
CVE-2025-21379
DHCP Client Service Remote Code Execution Vulnerability
CVE-2025-21183
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
CVE-2025-21182
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
CVE-2025-21179
DHCP Client Service Denial of Service Vulnerability