CVE-2025-24073 Microsoft DWM Core Library Elevation of Privilege Vulnerability
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2025-27747 Microsoft Word Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-27470 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
CVE-2025-29804 Visual Studio Elevation of Privilege Vulnerability
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-27727 Windows Installer Elevation of Privilege Vulnerability
Improper link resolution before file access (‘link following’) in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2025-26678 Windows Defender Application Control Security Feature Bypass Vulnerability
Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-26642 Microsoft Office Remote Code Execution Vulnerability
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-24074 Microsoft DWM Core Library Elevation of Privilege Vulnerability
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2025-27748 Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-27471 Microsoft Streaming Service Denial of Service Vulnerability
Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.
