Month: July 2025

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-48824 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability→

Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-48811 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability→

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47987 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability→

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network. Continue reading CVE-2025-48802 Windows SMB Server Spoofing Vulnerability→

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47986 Universal Print Management Service Elevation of Privilege Vulnerability→

Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network. Continue reading CVE-2025-48002 Windows Hyper-V Information Disclosure Vulnerability→

Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47159 Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability→

Improper link resolution before file access (‘link following’) in Service Fabric allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-21195 Azure Service Fabric Runtime Elevation of Privilege Vulnerability→