Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2025-54957: MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoder

Deserialization of untrusted data in Microsoft Windows Codecs Library allows an unauthorized attacker to execute code locally.

Microsoft Security Response Center
#windows#microsoft#git#auth#Microsoft Windows Codecs Library#Security Vulnerability
CVE-2025-59258: Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could obtain Single Sign-On (SSO) cookies in ADFS logs.

CVE-2025-59259: Windows Local Session Manager (LSM) Denial of Service Vulnerability

Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

CVE-2025-47979: Microsoft Failover Cluster Information Disclosure Vulnerability

Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally.

CVE-2025-59255: Windows DWM Core Library Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2025-59242: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.

CVE-2025-59207: Windows Kernel Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Kernel allows an unauthorized attacker to elevate privileges locally.