CVE-2025-59202
Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59202
Tagged: Cybersecurity Alert
CVE-2025-59198
Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59198
CVE-2025-59199
Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59199
CVE-2025-59200
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59200
CVE-2025-59201
Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59201
CVE-2025-59192
Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59192
CVE-2025-59193
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Management Services allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59193
CVE-2025-59194
Use of uninitialized resource in Windows Kernel allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59194
CVE-2025-59195
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Microsoft Graphics Component allows an authorized attacker to deny service locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59195
CVE-2025-59196
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows SSDP Service allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59196
CVE-2025-59197
Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59197
CVE-2025-59186
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59186
CVE-2025-59187
Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59187
CVE-2025-59188
Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59188