Security Vulnerabilities
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.002
Published
2025-09-09
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-09-09
No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-09-09
Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-09-09
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-09-09
Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-09-09
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-09-09
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-09-09
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-09-09
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-09-09