**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data.

7 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #dos #ldap #Windows LDAP - Lightweight Directory Access Protocol #Security Vulnerability

CVE-2025-29836: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?** An unauthorized attacker must wait for a user to initiate a connection.

7 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Routing and Remote Access Service (RRAS)#Security Vulnerability

CVE-2025-29958: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.

7 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #Windows Routing and Remote Access Service (RRAS)#Security Vulnerability

CVE-2025-29839: Windows Multiple UNC Provider Driver Information Disclosure Vulnerability

Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.

7 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows File Server #Security Vulnerability

CVE-2025-29840: Windows Media Remote Code Execution Vulnerability

Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.