Vulnerabilities > Microsoft > Windows Server 2012 > r2

DATE CVE VULNERABILITY TITLE RISK
2025-05-13 CVE-2025-30385 Use After Free vulnerability in Microsoft products
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-05-13 CVE-2025-30394 Sensitive Data Storage in Improperly Locked Memory vulnerability in Microsoft products
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.
network
high complexity
microsoft CWE-591
5.9
5.9
2025-05-13 CVE-2025-30397 Type Confusion vulnerability in Microsoft products
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
network
high complexity
microsoft CWE-843
7.5
7.5
2025-05-13 CVE-2025-32701 Use After Free vulnerability in Microsoft products
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-05-13 CVE-2025-32706 Improper Input Validation vulnerability in Microsoft products
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-20
7.8
7.8
2025-05-13 CVE-2025-32707 Out-of-bounds Read vulnerability in Microsoft products
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-125
7.8
7.8
2025-05-13 CVE-2025-32709 Use After Free vulnerability in Microsoft products
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-05-13 CVE-2025-24063 Heap-based Buffer Overflow vulnerability in Microsoft products
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-122
7.8
7.8
2025-05-13 CVE-2025-27468 Improper Privilege Management vulnerability in Microsoft products
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
local
high complexity
microsoft CWE-269
7.0
7.0
2025-05-13 CVE-2025-29830 Use of Uninitialized Resource vulnerability in Microsoft products
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
network
low complexity
microsoft CWE-908
6.5
6.5