CVE-2025-59511 Windows WLAN Service Elevation of Privilege Vulnerability
External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.
CVE-2025-59510 Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability
Improper link resolution before file access (‘link following’) in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally.
CVE-2025-62219 Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.
CVE-2025-62210 Dynamics 365 Field Service (online) Spoofing Vulnerability
Improper neutralization of input during web page generation (‘cross-site scripting’) in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
CVE-2025-62199 Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-60716 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.
CVE-2025-59515 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability
Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally.
CVE-2025-59509 Windows Speech Recognition Information Disclosure Vulnerability
Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.
CVE-2025-59508 Windows Speech Recognition Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Speech allows an authorized attacker to elevate privileges locally.
CVE-2025-59505 Windows Smart Card Reader Elevation of Privilege Vulnerability
Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally.
