Full List

Search

Recent Vulnerabilities

• CVE-2025-29801 • published on April 8, 2025 Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
• CVE-2025-29802 • published on April 8, 2025 Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
• CVE-2025-29800 • published on April 8, 2025 Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
• CVE-2025-27739 • published on April 8, 2025 Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
• CVE-2025-27738 • published on April 8, 2025 Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.
• CVE-2025-27737 • published on April 8, 2025 Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.
• CVE-2025-27736 • published on April 8, 2025 Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.
• CVE-2025-27735 • published on April 8, 2025 Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
• CVE-2025-27733 • published on April 8, 2025 Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
• CVE-2025-27732 • published on April 8, 2025 Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
• CVE-2025-27730 • published on April 8, 2025 Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
• CVE-2025-27731 • published on April 8, 2025 Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.
• CVE-2025-27728 • published on April 8, 2025 Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
• CVE-2025-27729 • published on April 8, 2025 Use after free in Windows Shell allows an unauthorized attacker to execute code locally.
• CVE-2025-27727 • published on April 8, 2025 Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
• CVE-2025-27490 • published on April 8, 2025 Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
• CVE-2025-27491 • published on April 8, 2025 Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.
• CVE-2025-27492 • published on April 8, 2025 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
• CVE-2025-27486 • published on April 8, 2025 Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
• CVE-2025-27489 • published on April 8, 2025 Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.