Microsoft: >> Windows Server 2012 >> r2 Security Vulnerabilities
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-08
Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.002
Published
2025-07-08
Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-07-08
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-08
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-07-08
Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-07-08
Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-07-08
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-07-08
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVSS Score
6.8
EPSS Score
0.001
Published
2025-07-08
Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-07-08