Security Vulnerabilities - CVEs Published In August 2025
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVSS Score
8.0
EPSS Score
0.001
Published
2025-08-12
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.001
Published
2025-08-12
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.103
Published
2025-08-12
Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.002
Published
2025-08-12
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.002
Published
2025-08-12
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.002
Published
2025-08-12
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-08-12
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-08-12
Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-08-12
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.
CVSS Score
6.5
EPSS Score
0.004
Published
2025-08-12