Common Vulnerabilities and Exposures (CVE)
CVE-2025-62465
Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.
CVE-2025-62464
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2025-62463
Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.
CVE-2025-62462
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2025-62461
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-62455
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally.
CVE-2025-59517
Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-59516
Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-62224
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perform spoofing over a network.
CVE-2025-64669
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges locally.
CVE-2025-64673
Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-64670
Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network.
CVE-2025-64666
Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
CVE-2025-64667
User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-64658
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.