Skip to main content

Windows Server 2012

3705 CVEs product

Monthly

CVE-2025-21205 HIGH This Week

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2025-21204 HIGH This Week

Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
7.3%
CVE-2025-21203 MEDIUM This Month

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Windows Server 2008 Windows Server 2012 Windows Server 2016 +5
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2025-21197 MEDIUM This Month

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2025-21191 HIGH This Week

Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2025-21174 HIGH Act Now

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 35.9% and no vendor patch available.

Microsoft Denial Of Service Windows Server 2012 Windows Server 2016 Windows Server 2019 +3
NVD
CVSS 3.1
7.5
EPSS
35.9%
CVE-2025-21420 HIGH PATCH Act Now

Windows Disk Cleanup Tool Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Epss exploitation probability 37.8%.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
37.8%
CVE-2025-21419 HIGH PATCH This Week

Windows Setup Files Cleanup Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-21418 HIGH KEV PATCH THREAT Act Now

Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow enabling local privilege escalation to SYSTEM, exploited in the wild in February 2025.

Microsoft Buffer Overflow Heap Overflow Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
13.6%
CVE-2025-21410 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow RCE Windows Server 2008 +7
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-21407 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow RCE Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-21406 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Microsoft RCE Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-21377 MEDIUM PATCH This Month

NTLM Hash Disclosure Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +12
NVD
CVSS 3.1
6.5
EPSS
3.8%
CVE-2025-21376 HIGH PATCH This Month

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Buffer Overflow Heap Overflow RCE Windows 10 1507 +15
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2025-21375 HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +12
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-21373 HIGH PATCH This Month

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21371 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow RCE Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-21369 HIGH PATCH This Week

Microsoft Digest Authentication Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Buffer Overflow Heap Overflow RCE Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-21368 HIGH PATCH This Week

Microsoft Digest Authentication Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Buffer Overflow Heap Overflow RCE Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-21359 HIGH PATCH This Week

Windows Kernel Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21352 MEDIUM PATCH This Month

Internet Connection Sharing (ICS) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +12
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2025-21350 MEDIUM PATCH This Month

Windows Kerberos Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2025-21347 MEDIUM PATCH This Month

Windows Deployment Services Denial of Service Vulnerability. Rated medium severity (CVSS 6.0).

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
6.0
EPSS
0.3%
CVE-2025-21337 LOW PATCH Monitor

Windows NTFS Elevation of Privilege Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2025-21208 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow RCE Windows Server 2008 +7
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-21201 HIGH PATCH This Week

Windows Telephony Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-21200 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow RCE Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-21190 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow RCE Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-21181 HIGH PATCH Act Now

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.6%.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.5
EPSS
13.6%
CVE-2025-21417 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2025-21413 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2025-21411 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2025-21409 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2025-21389 HIGH PATCH This Month

Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny service over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2025-21378 HIGH PATCH This Month

Windows CSC Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2025-21374 MEDIUM PATCH This Month

Windows CSC Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-21341 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21339 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2025-21336 MEDIUM PATCH This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.6).

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
5.6
EPSS
0.1%
CVE-2025-21332 MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +12
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-21331 HIGH PATCH This Month

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2025-21329 MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +12
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-21328 MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +12
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-21327 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21324 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21321 MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-21320 MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-21319 MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-21318 MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-21316 MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-21312 LOW PATCH Monitor

Windows Smart Card Reader Information Disclosure Vulnerability. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
2.4
EPSS
0.2%
CVE-2025-21310 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21309 HIGH PATCH CERT-EU This Month

Windows Remote Desktop Services Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft RCE Windows Server 2012 Windows Server 2016 Windows Server 2019 +4
NVD
CVSS 3.1
8.1
EPSS
2.4%
CVE-2025-21308 MEDIUM PATCH CERT-EU This Month

Windows Themes Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2025-21307 CRITICAL PATCH CERT-EU This Week

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free RCE Windows 10 1507 +15
NVD
CVSS 3.1
9.8
EPSS
9.3%
CVE-2025-21306 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2025-21305 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2025-21303 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2025-21302 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2025-21300 HIGH PATCH This Month

Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2025-21298 CRITICAL PATCH CERT-EU Act Now

Windows OLE Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 73.9%.

Microsoft Memory Corruption Use After Free RCE Windows 10 1507 +15
NVD
CVSS 3.1
9.8
EPSS
73.9%
CVE-2025-21297 HIGH PATCH CERT-EU This Month

Windows Remote Desktop Services Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free RCE Windows Server 2008 +7
NVD
CVSS 3.1
8.1
EPSS
1.7%
CVE-2025-21296 HIGH PATCH This Month

BranchCache Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

RCE Memory Corruption Use After Free Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-21295 HIGH PATCH This Month

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

RCE Memory Corruption Use After Free Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
8.1
EPSS
1.7%
CVE-2025-21294 HIGH PATCH CERT-EU This Month

Microsoft Digest Authentication Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
8.1
EPSS
1.9%
CVE-2025-21293 HIGH POC PATCH THREAT Act Now

Active Directory Domain Services contains an elevation of privilege vulnerability that allows authenticated domain users to escalate to domain administrator. The vulnerability enables lateral movement and complete domain compromise from any authenticated position within the Active Directory environment.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +11
NVD
CVSS 3.1
8.8
EPSS
75.3%
Threat
5.5
CVE-2025-21290 HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2025-21289 HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2025-21288 MEDIUM PATCH This Month

Windows COM Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21287 HIGH PATCH This Month

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-21286 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2025-21285 HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 38.8%.

Microsoft Null Pointer Dereference Denial Of Service Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
7.5
EPSS
38.8%
CVE-2025-21282 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2025-21281 HIGH PATCH This Month

Microsoft COM for Windows Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free Information Disclosure Windows 10 1507 +14
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-21278 MEDIUM PATCH This Month

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Microsoft Race Condition Denial Of Service Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2025-21277 HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 30.3%.

Microsoft Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
7.5
EPSS
30.3%
CVE-2025-21276 HIGH PATCH This Month

Windows MapUrlToZone Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Integer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
7.5
EPSS
6.8%
CVE-2025-21274 MEDIUM PATCH This Month

Windows Event Tracing Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-21273 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2025-21272 MEDIUM PATCH This Month

Windows COM Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21270 HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2025-21269 MEDIUM PATCH Monitor

Windows HTML Platforms Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-21268 MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +12
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-21266 HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2025-21265 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21263 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21261 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21260 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21258 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21256 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
EPSS 1% CVSS 8.8
HIGH This Week

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Heap Overflow +16
NVD
EPSS 7% CVSS 7.8
HIGH This Week

Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Windows Server 2008 +7
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1507 +15
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 36% CVSS 7.5
HIGH Act Now

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 35.9% and no vendor patch available.

Microsoft Denial Of Service Windows Server 2012 +5
NVD
EPSS 38% CVSS 7.8
HIGH PATCH Act Now

Windows Disk Cleanup Tool Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Epss exploitation probability 37.8%.

Microsoft Information Disclosure Windows 10 1507 +14
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Windows Setup Files Cleanup Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 14% CVSS 7.8
HIGH KEV PATCH THREAT Act Now

Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow enabling local privilege escalation to SYSTEM, exploited in the wild in February 2025.

Microsoft Buffer Overflow Heap Overflow +15
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow +9
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow +17
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Microsoft +17
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

NTLM Hash Disclosure Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Month

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Buffer Overflow Heap Overflow +17
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow +17
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Microsoft Digest Authentication Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Buffer Overflow Heap Overflow +16
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Microsoft Digest Authentication Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Buffer Overflow Heap Overflow +16
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 +15
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Internet Connection Sharing (ICS) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Windows 10 1507 Windows 10 1607 +14
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Windows Kerberos Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Microsoft Denial Of Service Windows 10 1507 +15
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Windows Deployment Services Denial of Service Vulnerability. Rated medium severity (CVSS 6.0).

Microsoft Denial Of Service Windows 10 1507 +14
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Windows NTFS Elevation of Privilege Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 +15
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow +9
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 1507 +15
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow +17
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Buffer Overflow Heap Overflow +17
NVD
EPSS 14% CVSS 7.5
HIGH PATCH Act Now

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.6%.

Microsoft Denial Of Service Windows 10 1507 +14
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Month

Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny service over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Denial Of Service Windows 10 1507 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Windows CSC Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +15
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows CSC Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +15
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +16
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.6).

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 +14
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Month

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +13
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 +14
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 +14
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +16
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +16
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +14
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +14
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +14
NVD
EPSS 0% CVSS 2.4
LOW PATCH Monitor

Windows Smart Card Reader Information Disclosure Vulnerability. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1507 +12
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +16
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Month

Windows Remote Desktop Services Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft RCE Windows Server 2012 +6
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Themes Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 1507 +13
NVD
EPSS 9% CVSS 9.8
CRITICAL PATCH This Week

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free +17
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Month

Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Microsoft Denial Of Service Windows 10 1507 +15
NVD
EPSS 74% CVSS 9.8
CRITICAL PATCH Act Now

Windows OLE Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 73.9%.

Microsoft Memory Corruption Use After Free +17
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Month

Windows Remote Desktop Services Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free +9
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

BranchCache Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

RCE Memory Corruption Use After Free +16
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Month

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

RCE Memory Corruption Use After Free +16
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Month

Microsoft Digest Authentication Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft RCE Windows 10 1507 +14
NVD
EPSS 75% 5.5 CVSS 8.8
HIGH POC PATCH THREAT Act Now

Active Directory Domain Services contains an elevation of privilege vulnerability that allows authenticated domain users to escalate to domain administrator. The vulnerability enables lateral movement and complete domain compromise from any authenticated position within the Active Directory environment.

Authentication Bypass Windows 10 1507 Windows 10 1607 +13
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Microsoft Denial Of Service Windows 10 1507 +14
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Microsoft Denial Of Service Windows 10 1507 +14
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Windows COM Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows 10 1507 +15
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 39% CVSS 7.5
HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 38.8%.

Microsoft Null Pointer Dereference Denial Of Service +15
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Microsoft COM for Windows Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free +16
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Microsoft Race Condition Denial Of Service +15
NVD
EPSS 30% CVSS 7.5
HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 30.3%.

Microsoft Buffer Overflow Denial Of Service +15
NVD
EPSS 7% CVSS 7.5
HIGH PATCH This Month

Windows MapUrlToZone Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Integer Overflow Denial Of Service +16
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Event Tracing Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 1507 +14
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Windows COM Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Microsoft Denial Of Service Windows 10 1507 +14
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

Windows HTML Platforms Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 +15
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 +14
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Month

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +17
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +16
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +16
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +16
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +16
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure +16
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +16
NVD
Prev Page 7 of 42 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy