Security Vulnerabilities
Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-10-14
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network.
CVSS Score
3.1
EPSS Score
0.0
Published
2025-10-14
Improper link resolution before file access ('link following') in XBox Gaming Services allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-10-14
Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-10-14
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-14
Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally.
CVSS Score
6.2
EPSS Score
0.001
Published
2025-10-14
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-14
Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-10-14
Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-10-14
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-14