7.8
CVE-2025-53768 - Xbox IStorageService Elevation of Privilege Vulnerability
Use after free in Xbox allows an authorized attacker to elevate privileges locally.
7.7
CVE-2025-53139 - Windows Hello Security Feature Bypass Vulnerability
Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally.
7.8
CVE-2025-50175 - Windows Digital Media Elevation of Privilege Vulnerability
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
7.8
CVE-2025-53150 - Windows Digital Media Elevation of Privilege Vulnerability
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
7.8
CVE-2025-50152 - Windows Kernel Elevation of Privilege Vulnerability
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.
7
CVE-2025-53717 - Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
7.3
CVE-2025-25004 - PowerShell Elevation of Privilege Vulnerability
Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.
6.3
CVE-2025-48813 - Virtual Secure Mode Spoofing Vulnerability
Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally.
7.5
CVE-2025-59502 - Remote Procedure Call Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network.
7.8
CVE-2025-59494 - Azure Monitor Agent Elevation of Privilege Vulnerability
Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.