Vulnerabilities > Microsoft > Windows Server 2022 23H2 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-13 | CVE-2025-30394 | Sensitive Data Storage in Improperly Locked Memory vulnerability in Microsoft products Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. | 5.9 |
| 2025-05-13 | CVE-2025-29829 | Use of Uninitialized Resource vulnerability in Microsoft products Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally. | 5.5 |
| 2025-05-13 | CVE-2025-29830 | Use of Uninitialized Resource vulnerability in Microsoft products Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29832 | Out-of-bounds Read vulnerability in Microsoft products Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29835 | NULL Pointer Dereference vulnerability in Microsoft products Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29836 | Out-of-bounds Read vulnerability in Microsoft products Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29837 | Link Following vulnerability in Microsoft products Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally. | 5.5 |
| 2025-05-13 | CVE-2025-29839 | Out-of-bounds Read vulnerability in Microsoft products Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally. | 4.0 |
| 2025-05-13 | CVE-2025-29954 | Resource Exhaustion vulnerability in Microsoft products Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | 5.9 |
| 2025-05-13 | CVE-2025-29955 | Improper Input Validation vulnerability in Microsoft products Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally. | 5.5 |