#Security Vulnerability

CVE-2025-58725: Windows COM+ Event System Service Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #buffer_overflow #auth #Windows COM #Security Vulnerability

CVE-2025-58724: Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #mac #auth #Azure Connected Machine Agent #Security Vulnerability

CVE-2025-58727: Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Connected Devices Platform Service #Security Vulnerability

CVE-2025-59184: Storage Spaces Direct Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows High Availability Services #Security Vulnerability

CVE-2025-58739: Microsoft Windows File Explorer Spoofing Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #microsoft #auth #Windows File Explorer #Security Vulnerability

CVE-2025-58726: Windows SMB Server Elevation of Privilege Vulnerability

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #samba #auth #Windows SMB Server #Security Vulnerability

CVE-2025-55697: Azure Local Elevation of Privilege Vulnerability

Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #buffer_overflow #auth #Azure Local #Security Vulnerability

CVE-2025-55696: NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability

Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #auth #NtQueryInformation Token function (ntifs.h)#Security Vulnerability

CVE-2025-55693: Windows Kernel Elevation of Privilege Vulnerability

Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Kernel #Security Vulnerability

CVE-2025-55692: Windows Error Reporting Service Elevation of Privilege Vulnerability

Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally.