Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

CVE-2025-32725: DHCP Server Service Denial of Service Vulnerability

Protection mechanism failure in Windows DHCP Server allows an authorized attacker to deny service locally.

Microsoft Security Response Center
#vulnerability#windows#dos#auth#Windows DHCP Server#Security Vulnerability
CVE-2025-24065: Windows Storage Management Provider Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an out of bounds read in the caller's address space memory.

CVE-2025-33071: Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An unauthenticated attacker could use a specially crafted application to leverage a cryptographic protocol vulnerability in Kerberos Key Distribution Center Proxy Service to perform remote code execution against the target.

CVE-2025-47956: Windows Security App Spoofing Vulnerability

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally.

CVE-2025-47160: Windows Shortcut Files Security Feature Bypass Vulnerability

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.