Microsoft: Security Vulnerabilities
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.009
Published
2025-04-08
Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.004
Published
2025-04-08
Use after free in Windows Shell allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.003
Published
2025-04-08
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.004
Published
2025-04-08
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-04-08
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.208
Published
2025-04-08
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.208
Published
2025-04-08
Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.
CVSS Score
8.0
EPSS Score
0.004
Published
2025-04-08
Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.007
Published
2025-04-08
Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.004
Published
2025-04-08