Security Vulnerabilities
Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-07-08
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVSS Score
6.8
EPSS Score
0.001
Published
2025-07-08
Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-07-08
Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-07-08
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-08
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
CVSS Score
6.8
EPSS Score
0.002
Published
2025-07-08
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-07-08
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-07-08
Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-07-08
Improper access control in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-07-08