Month: April 2025

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network. Continue reading CVE-2025-27479 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability→

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2025-27484 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability→

Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27478 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability→

Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-26679 RPC Endpoint Mapper Service Elevation of Privilege Vulnerability→

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-27477 Windows Telephony Service Remote Code Execution Vulnerability→

Uncontrolled resource consumption in Windows LDAP – Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. Continue reading CVE-2025-26673 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability→

Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27475 Windows Update Stack Elevation of Privilege Vulnerability→

Use after free in Windows LDAP – Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-26670 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability→