Month: April 2025

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Continue reading CVE-2025-26667 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability→

Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally. Continue reading CVE-2025-26674 Windows Media Remote Code Execution Vulnerability→

Use after free in Windows Win32K – GRFX allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-26681 Win32k Elevation of Privilege Vulnerability→

Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27489 Azure Local Elevation of Privilege Vulnerability→

Uncontrolled resource consumption in Windows LDAP – Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. Continue reading CVE-2025-27469 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability→

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27739 Windows Kernel Elevation of Privilege Vulnerability→

Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27731 Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability→

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-24062 Microsoft DWM Core Library Elevation of Privilege Vulnerability→