Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-05-13 CVE-2025-21264 Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
local
low complexity
CWE-552
7.1
7.1
2025-05-13 CVE-2025-24063 Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-122
7.8
7.8
2025-05-13 CVE-2025-26677 Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.
network
low complexity
CWE-400
7.5
7.5
2025-05-13 CVE-2025-27468 Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
local
high complexity
CWE-269
7.0
7.0
2025-05-13 CVE-2025-29826 Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
network
low complexity
CWE-280
7.3
7.3
2025-05-13 CVE-2025-29831 Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
network
high complexity
CWE-416
7.5
7.5
2025-05-13 CVE-2025-29833 Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally.
local
high complexity
 7.7
7.7
2025-05-13 CVE-2025-29838 Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally.
local
high complexity
CWE-476
7.4
7.4
2025-05-13 CVE-2025-29840 Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
network
low complexity
CWE-121
8.8
8.8
2025-05-13 CVE-2025-29841 Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
local
high complexity
CWE-416
7.0
7.0