#vulnerability

CVE-2025-33075: Windows Installer Elevation of Privilege Vulnerability

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Installer #Security Vulnerability

CVE-2025-33067: Windows Task Scheduler Elevation of Privilege Vulnerability

Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Kernel #Security Vulnerability

CVE-2025-33066: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #rce #buffer_overflow #auth #Windows Routing and Remote Access Service (RRAS)#Security Vulnerability

CVE-2025-47955: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Remote Access Connection Manager #Security Vulnerability

CVE-2025-33065: Windows Storage Management Provider Information Disclosure Vulnerability

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Storage Management Provider #Security Vulnerability

CVE-2025-33062: Windows Storage Management Provider Information Disclosure Vulnerability

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Storage Management Provider #Security Vulnerability

CVE-2025-47953: Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office #Security Vulnerability

CVE-2025-32718: Windows SMB Client Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #samba #Windows SMB #Security Vulnerability

CVE-2025-32716: Windows Media Elevation of Privilege Vulnerability

Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Media #Security Vulnerability

CVE-2025-32715: Remote Desktop Protocol Client Information Disclosure Vulnerability

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

30 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #auth #Remote Desktop Client #Security Vulnerability

Tag

#vulnerability