Latest CVE Feed
-
6.5
MEDIUMCVE-2025-27738
Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +7 more products- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Information Disclosure
-
8.6
HIGHCVE-2025-27737
Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Misconfiguration
-
5.5
MEDIUMCVE-2025-27736
Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 +4 more products- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Information Disclosure
-
6.0
MEDIUMCVE-2025-27735
Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows +5 more products- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-27733
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_1507 windows windows_server_2012_r2 windows_server_2008_r2 +1 more products- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Memory Corruption
-
7.0
HIGHCVE-2025-27732
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27731
Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +2 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-27730
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27729
Use after free in Windows Shell allows an unauthorized attacker to execute code locally.... Read more
Affected Products : windows_10_21h2 windows_10_22h2 windows_11_22h2 windows_11_23h2 windows_11_24h2 windows_server_2025- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27728
Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27727
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Authorization
-
7.0
HIGHCVE-2025-27492
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Race Condition
-
7.1
HIGHCVE-2025-27491
Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows +5 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27490
Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27489
Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : azure_stack_hci_os_23h2- Published: Apr. 08, 2025
- Modified: Apr. 09, 2025
- Vuln Type: Authorization
-
8.0
HIGHCVE-2025-27487
Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +13 more products- Published: Apr. 08, 2025
- Modified: Jul. 07, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-27486
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-27485
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-27484
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-27483
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption