Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-13 | CVE-2025-30394 | Sensitive Data Storage in Improperly Locked Memory vulnerability in Microsoft products Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. | 5.9 |
| 2025-05-13 | CVE-2025-32703 | Insufficient Granularity of Access Control vulnerability in Microsoft Visual Studio 2019 Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally. | 5.5 |
| 2025-05-13 | CVE-2025-26685 | Improper Authentication vulnerability in Microsoft Defender for Identity Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network. | 6.5 |
| 2025-05-13 | CVE-2025-27488 | Use of Hard-coded Credentials vulnerability in Microsoft Windows Hardware LAB KIT Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally. | 6.7 |
| 2025-05-13 | CVE-2025-29829 | Use of Uninitialized Resource vulnerability in Microsoft products Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally. | 5.5 |
| 2025-05-13 | CVE-2025-29830 | Use of Uninitialized Resource vulnerability in Microsoft products Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29832 | Out-of-bounds Read vulnerability in Microsoft products Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29835 | NULL Pointer Dereference vulnerability in Microsoft products Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29836 | Out-of-bounds Read vulnerability in Microsoft products Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29837 | Link Following vulnerability in Microsoft products Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally. | 5.5 |