CVE-2025-24993 Windows NTFS Remote Code Execution Vulnerability
Published March 11, 2025
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
Microsoft Security Response Center Blog Alerts
CVE-2025-24056 Windows Telephony Service Remote Code Execution Vulnerability
Published March 11, 2025
Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.
CVE-2025-21180 Windows exFAT File System Remote Code Execution Vulnerability
Published March 11, 2025
Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.
CVE-2025-24035 Windows Remote Desktop Services Remote Code Execution Vulnerability
Published March 11, 2025
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVE-2025-24992 Windows NTFS Information Disclosure Vulnerability
Published March 11, 2025
Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.
CVE-2025-24055 Windows USB Video Class System Driver Information Disclosure Vulnerability
Published March 11, 2025
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack.
CVE-2025-24988 Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Published March 11, 2025
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
Chromium: CVE-2025-1921 Inappropriate Implementation in Media Stream
Published March 7, 2025
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.
Chromium: CVE-2025-1922 Inappropriate Implementation in Selection
Published March 7, 2025
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.
Chromium: CVE-2025-1923 Inappropriate Implementation in Permission Prompts
Published March 7, 2025
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.
