Vulnerabilities > Microsoft > Windows Server 2022 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-13 | CVE-2025-29957 | Resource Exhaustion vulnerability in Microsoft products Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally. | 6.2 |
| 2025-05-13 | CVE-2025-29958 | Use of Uninitialized Resource vulnerability in Microsoft products Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29959 | Use of Uninitialized Resource vulnerability in Microsoft products Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29960 | Out-of-bounds Read vulnerability in Microsoft products Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29961 | Out-of-bounds Read vulnerability in Microsoft products Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29968 | Improper Input Validation vulnerability in Microsoft products Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network. | 6.5 |
| 2025-05-13 | CVE-2025-29974 | Integer Underflow (Wrap or Wraparound) vulnerability in Microsoft products Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. | 5.7 |
| 2025-03-11 | CVE-2025-24054 | Unspecified vulnerability in Microsoft products External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | 5.4 |
| 2025-03-11 | CVE-2025-24984 | Information Exposure Through Log Files vulnerability in Microsoft products Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | 4.6 |
| 2025-03-11 | CVE-2025-24991 | Out-of-bounds Read vulnerability in Microsoft products Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | 5.5 |