Vulnerabilities > Microsoft > Windows Server 2022 23H2 > 10.0.25398.887
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-13 | CVE-2025-30385 | Use After Free vulnerability in Microsoft products Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-05-13 | CVE-2025-30388 | Heap-based Buffer Overflow vulnerability in Microsoft products Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. | 7.8 |
| 2025-05-13 | CVE-2025-30394 | Sensitive Data Storage in Improperly Locked Memory vulnerability in Microsoft products Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. | 5.9 |
| 2025-05-13 | CVE-2025-30397 | Type Confusion vulnerability in Microsoft products Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. | 7.5 |
| 2025-05-13 | CVE-2025-30400 | Use After Free vulnerability in Microsoft products Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-05-13 | CVE-2025-32701 | Use After Free vulnerability in Microsoft products Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-05-13 | CVE-2025-32706 | Improper Input Validation vulnerability in Microsoft products Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-05-13 | CVE-2025-24063 | Heap-based Buffer Overflow vulnerability in Microsoft products Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-05-13 | CVE-2025-26677 | Resource Exhaustion vulnerability in Microsoft products Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. | 7.5 |
| 2025-05-13 | CVE-2025-27468 | Improper Privilege Management vulnerability in Microsoft products Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. | 7.0 |