Security Vulnerabilities
Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack.
CVSS Score
2.1
EPSS Score
0.001
Published
2025-10-14
Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-10-14
Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVSS Score
7.0
EPSS Score
0.001
Published
2025-10-14
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-10-14
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.005
Published
2025-10-14
CVE-2025-59287
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
Known exploited
CVSS Score
9.8
EPSS Score
0.09
Published
2025-10-14
Improper verification of cryptographic signature in GitHub allows an unauthorized attacker to perform spoofing over an adjacent network.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-14
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-10-14
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network.
CVSS Score
3.1
EPSS Score
0.0
Published
2025-10-14
Improper link resolution before file access ('link following') in XBox Gaming Services allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-10-14