CVE-2025-29975 Microsoft PC Manager Elevation of Privilege Vulnerability
Improper link resolution before file access (‘link following’) in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-29962 Windows Media Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
CVE-2025-29832 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-27468 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
CVE-2025-29973 Microsoft Azure File Sync Elevation of Privilege Vulnerability
Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.
CVE-2025-29961 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29831 Windows Remote Desktop Services Remote Code Execution Vulnerability
Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
CVE-2025-30387 Document Intelligence Studio On-Prem Elevation of Privilege Vulnerability
Improper limitation of a pathname to a restricted directory (‘path traversal’) in Azure allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-29971 Web Threat Defense (WTD.sys) Denial of Service Vulnerability
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.
CVE-2025-29958 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
