CVE Monitor
CVE-2025-59205
HIGH
14 Oct 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2025-59203
MEDIUM
14 Oct 2025
Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally.
CVE-2025-59198
MEDIUM
14 Oct 2025
Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.
CVE-2025-59197
MEDIUM
14 Oct 2025
Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally.
CVE-2025-59194
HIGH
14 Oct 2025
Use of uninitialized resource in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-59193
HIGH
14 Oct 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2025-59192
HIGH
14 Oct 2025
Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-59191
HIGH
14 Oct 2025
Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.
CVE-2025-59190
MEDIUM
14 Oct 2025
Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker to deny service locally.
CVE-2025-59189
HIGH
14 Oct 2025
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
CVE-2025-59188
MEDIUM
14 Oct 2025
Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose information locally.
CVE-2025-59187
HIGH
14 Oct 2025
Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-59184
MEDIUM
14 Oct 2025
Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally.
CVE-2025-58739
MEDIUM
14 Oct 2025
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-58738
HIGH
14 Oct 2025
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2025-58737
HIGH
14 Oct 2025
Use after free in Windows Remote Desktop allows an unauthorized attacker to execute code locally.
CVE-2025-58736
HIGH
14 Oct 2025
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2025-58734
HIGH
14 Oct 2025
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2025-58733
HIGH
14 Oct 2025
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2025-58731
HIGH
14 Oct 2025
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2025-58730
HIGH
14 Oct 2025
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2025-58729
MEDIUM
14 Oct 2025
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.
CVE-2025-58727
HIGH
14 Oct 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
CVE-2025-58726
HIGH
14 Oct 2025
Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2025-58725
HIGH
14 Oct 2025
Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally.
Page 176 of 687