Vulnerabilities > Microsoft > Windows Server 2022 > 10.0.20348.2458
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-13 | CVE-2025-29964 | Heap-based Buffer Overflow vulnerability in Microsoft products Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. | 8.8 |
| 2025-05-13 | CVE-2025-29966 | Heap-based Buffer Overflow vulnerability in Microsoft products Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network. | 8.8 |
| 2025-05-13 | CVE-2025-29967 | Heap-based Buffer Overflow vulnerability in Microsoft products Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. | 8.8 |
| 2025-05-13 | CVE-2025-29968 | Improper Input Validation vulnerability in Microsoft products Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29969 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft products Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network. | 7.5 |
| 2025-05-13 | CVE-2025-29974 | Integer Underflow (Wrap or Wraparound) vulnerability in Microsoft products Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. | 5.7 |
| 2025-05-13 | CVE-2025-29976 | Improper Privilege Management vulnerability in Microsoft products Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-03-11 | CVE-2025-24054 | Unspecified vulnerability in Microsoft products External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | 5.4 |