7.3
CVE-2025-25003 - Visual Studio Elevation of Privilege Vulnerability
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
7.3
CVE-2025-24998 - Visual Studio Elevation of Privilege Vulnerability
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
4.4
CVE-2025-24997 - DirectX Graphics Kernel File Denial of Service Vulnerability
Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally.
6.5
CVE-2025-24996 - NTLM Hash Disclosure Spoofing Vulnerability
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
7.8
CVE-2025-24995 - Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
7.8
CVE-2025-21180 - Windows exFAT File System Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.
6.6
CVE-2025-24988 - Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
6.6
CVE-2025-24987 - Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
6.5
CVE-2025-24986 - Azure Promptflow Remote Code Execution Vulnerability
Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network.
7.8
CVE-2025-24083 - Microsoft Office Remote Code Execution Vulnerability
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.