Month: April 2025

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally. Continue reading CVE-2025-27742 NTFS Information Disclosure Vulnerability→

Sensitive data storage in improperly locked memory in Windows Win32K – GRFX allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27732 Windows Graphics Component Elevation of Privilege Vulnerability→

Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27744 Microsoft Office Elevation of Privilege Vulnerability→

Use after free in Windows Shell allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-27729 Windows Shell Remote Code Execution Vulnerability→

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. Continue reading CVE-2025-27741 NTFS Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Secure Channel allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27492 Windows Secure Channel Elevation of Privilege Vulnerability→

Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2025-27740 Active Directory Certificate Services Elevation of Privilege Vulnerability→

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. Continue reading CVE-2025-27483 NTFS Elevation of Privilege Vulnerability→