Total
3849 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-27470 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more | 2025-07-08 | N/A | 7.5 HIGH |
| Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||||
| CVE-2025-27469 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | N/A | 7.5 HIGH |
| Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | |||||
| CVE-2025-27486 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more | 2025-07-08 | N/A | 7.5 HIGH |
| Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||||
| CVE-2025-27485 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more | 2025-07-08 | N/A | 7.5 HIGH |
| Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||||
| CVE-2025-27732 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | N/A | 7.0 HIGH |
| Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-27727 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | N/A | 7.8 HIGH |
| Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-33060 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-32720 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-08 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-21174 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more | 2025-07-08 | N/A | 7.5 HIGH |
| Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||||
| CVE-2025-33070 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | N/A | 8.1 HIGH |
| Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. | |||||
| CVE-2025-33071 | 1 Microsoft | 6 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 3 more | 2025-07-08 | N/A | 8.1 HIGH |
| Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-21191 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-07 | N/A | 7.0 HIGH |
| Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2023-28267 | 1 Microsoft | 14 Remote Desktop Client, Windows 10 1507, Windows 10 1607 and 11 more | 2025-07-07 | N/A | 6.5 MEDIUM |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||
| CVE-2023-29362 | 1 Microsoft | 13 Remote Desktop Client, Windows 10 1507, Windows 10 1607 and 10 more | 2025-07-07 | N/A | 8.8 HIGH |
| Remote Desktop Client Remote Code Execution Vulnerability | |||||
| CVE-2025-32715 | 1 Microsoft | 17 Remote Desktop Client, Windows 10 1507, Windows 10 1607 and 14 more | 2025-07-07 | N/A | 6.5 MEDIUM |
| Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. | |||||
| CVE-2025-27487 | 1 Microsoft | 17 Remote Desktop Client, Windows 10 1507, Windows 10 1607 and 14 more | 2025-07-07 | N/A | 8.0 HIGH |
| Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network. | |||||
| CVE-2022-24503 | 1 Microsoft | 12 Remote Desktop Client, Windows 10, Windows 11 and 9 more | 2025-07-07 | 5.0 MEDIUM | 5.4 MEDIUM |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||
| CVE-2022-22015 | 1 Microsoft | 10 Remote Desktop Client, Windows 10, Windows 11 and 7 more | 2025-07-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||||
| CVE-2024-38131 | 1 Microsoft | 16 Remote Desktop Client, Windows 10 1507, Windows 10 1607 and 13 more | 2025-07-07 | N/A | 8.8 HIGH |
| Clipboard Virtual Channel Extension Remote Code Execution Vulnerability | |||||
| CVE-2019-0887 | 1 Microsoft | 10 Remote Desktop Client, Windows 10, Windows 11 21h2 and 7 more | 2025-07-07 | 8.5 HIGH | 8.0 HIGH |
| A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | |||||