HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-64673

Apr 16, 2026 14:18:41 UTC

Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-64670

Apr 16, 2026 14:18:40 UTC

Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network.

CVE-2025-64666

Apr 16, 2026 14:18:39 UTC

Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

CVE-2025-64667

Apr 16, 2026 14:18:39 UTC

User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-64658

Apr 16, 2026 14:18:38 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

CVE-2025-62573

Apr 16, 2026 14:18:38 UTC

Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.

CVE-2025-62572

Apr 16, 2026 14:18:37 UTC

Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally.

CVE-2025-62571

Apr 16, 2026 14:18:37 UTC

Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally.

CVE-2025-62564

Apr 16, 2026 14:18:36 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62563

Apr 16, 2026 14:18:35 UTC

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62562

Apr 16, 2026 14:18:35 UTC

Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.

CVE-2025-62561

Apr 16, 2026 14:18:34 UTC

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62549

Apr 16, 2026 14:18:34 UTC

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-62473

Apr 16, 2026 14:18:33 UTC

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-62472

Apr 16, 2026 14:18:32 UTC

Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

Page: 37