Microsoft: >> Windows 10 21h2 >> 10.0.14393.5989 Security Vulnerabilities
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-08
Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-07-08
Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-07-08
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-07-08
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-07-08
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-07-08
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-07-08
Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-07-08
Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-07-08
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-07-08