CVE
@CVEnew
Followers
55K
Following
1
Media
0
Statuses
201K
Official account maintained by the CVE™ Program to notify the community of new CVE IDs. Posts contain abbreviated details. Full CVE Records on https://t.co/ALn4YvUtom
Joined January 2017
CVE-2025-48811 Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
0
0
0
CVE-2025-48814 Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.
0
0
0
CVE-2025-48815 Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
0
0
0
CVE-2025-48816 Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.
0
0
0
CVE-2025-48817 Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
0
0
0
CVE-2025-48818 Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
0
0
0
CVE-2025-48819 Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an a…
0
0
0
CVE-2025-48820 Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.
0
0
0
CVE-2025-48821 Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.
0
0
0
CVE-2025-48822 Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
0
0
0
CVE-2025-48823 Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.
0
0
0
CVE-2025-49659 Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.
0
0
0
CVE-2025-49660 Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
0
0
0
CVE-2025-49663 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
0
0
0
CVE-2025-49664 Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.
0
0
0
CVE-2025-49665 Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges lo…
0
0
0
CVE-2024-36357 A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive inf…
0
0
0
CVE-2025-7187 A vulnerability classified as critical has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /user/fetch_member.php. The manipula…
0
0
0
CVE-2025-53479 The CheckUser extension’s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escapin…
0
0
0
CVE-2025-0928 In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, w…
0
0
0