Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2025-59198: Windows Search Service Denial of Service Vulnerability

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

Microsoft Security Response Center
Open in Source
#vulnerability#windows#microsoft#dos#auth#Microsoft Windows Search Component#Security Vulnerability
CVE-2025-59197: Windows ETL Channel Information Disclosure Vulnerability

Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally.

CVE-2025-59209: Windows Push Notification Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally.

CVE-2025-59214: Microsoft Windows File Explorer Spoofing Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-59194: Windows Kernel Elevation of Privilege Vulnerability

Use of uninitialized resource in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

CVE-2025-59184: Storage Spaces Direct Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally.

CVE-2025-59193: Windows Management Services Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2025-59188: Microsoft Failover Cluster Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Kernel Memory allows an unauthorized attacker to disclose information locally.