Month: April 2025

Use after free in Windows LDAP – Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-26663 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability→

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Continue reading CVE-2025-26676 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability→

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. Continue reading CVE-2025-26682 ASP.NET Core and Visual Studio Denial of Service Vulnerability→

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-26642 Microsoft Office Remote Code Execution Vulnerability→

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-24060 Microsoft DWM Core Library Elevation of Privilege Vulnerability→

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. Continue reading CVE-2025-26637 BitLocker Security Feature Bypass Vulnerability→

Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-29811 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability→

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network. Continue reading CVE-2025-26635 Windows Hello Security Feature Bypass Vulnerability→