#windows

CVE-2025-26666: Windows Media Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.

3 months ago

#vulnerability #windows #rce #buffer_overflow #auth #Windows Media #Security Vulnerability

CVE-2025-26665: Windows upnphost.dll Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

3 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #Windows upnphost.dll #Security Vulnerability

CVE-2025-26664: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.

3 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #Windows Routing and Remote Access Service (RRAS)#Security Vulnerability

CVE-2025-26663: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

3 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #rce #ldap #Windows LDAP - Lightweight Directory Access Protocol #Security Vulnerability

CVE-2025-27733: NTFS Elevation of Privilege Vulnerability

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

3 months ago