Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-05-13 CVE-2025-29842 Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.
network
high complexity
CWE-349
7.5
7.5
2025-05-13 CVE-2025-29962 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
network
low complexity
CWE-122
8.8
8.8
2025-05-13 CVE-2025-29963 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
network
low complexity
CWE-122
8.8
8.8
2025-05-13 CVE-2025-29964 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
network
low complexity
CWE-122
8.8
8.8
2025-05-13 CVE-2025-29966 Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.
network
low complexity
CWE-122
8.8
8.8
2025-05-13 CVE-2025-29967 Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
network
low complexity
CWE-122
8.8
8.8
2025-05-13 CVE-2025-29969 Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.
network
high complexity
CWE-367
7.5
7.5
2025-05-13 CVE-2025-29970 Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-416
7.8
7.8
2025-05-13 CVE-2025-29971 Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.
network
low complexity
CWE-125
7.5
7.5
2025-05-13 CVE-2025-29973 Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.
local
high complexity
CWE-284
7.0
7.0