Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-05-13 CVE-2025-29837 Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.
local
low complexity
CWE-59
5.5
5.5
2025-05-13 CVE-2025-29838 Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally.
local
high complexity
CWE-476
7.4
7.4
2025-05-13 CVE-2025-29839 Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.
local
low complexity
CWE-125
4.0
4.0
2025-05-13 CVE-2025-29840 Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
network
low complexity
CWE-121
8.8
8.8
2025-05-13 CVE-2025-29841 Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
local
high complexity
CWE-416
7.0
7.0
2025-05-13 CVE-2025-29842 Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.
network
high complexity
CWE-349
7.5
7.5
2025-05-13 CVE-2025-29954 Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
network
high complexity
CWE-400
5.9
5.9
2025-05-13 CVE-2025-29955 Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.
local
low complexity
CWE-20
6.2
6.2
2025-05-13 CVE-2025-29956 Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.
network
high complexity
CWE-126
5.4
5.4
2025-05-13 CVE-2025-29957 Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.
local
low complexity
CWE-400
6.2
6.2