CVE-2025-21197 Windows NTFS Information Disclosure Vulnerability
Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn’t have permission to list content.
CVE-2025-27743 Microsoft System Center Elevation of Privilege Vulnerability
Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.
CVE-2025-27472 Windows Mark of the Web Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-29808 Windows Cryptographic Services Information Disclosure Vulnerability
Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.
CVE-2025-27728 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
CVE-2025-27467 Windows Digital Media Elevation of Privilege Vulnerability
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
CVE-2025-26641 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.
CVE-2025-21174 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
CVE-2025-27749 Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-27473 HTTP.sys Denial of Service Vulnerability
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
