Microsoft Windows Server 2022

Integer overflow or wraparound in Windows Fast FAT Driver

CVE-2025-24985 7.8 - High - March 11, 2025

Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

Integer Overflow or Wraparound

Insertion of sensitive information into log file in Windows NTFS

CVE-2025-24984 4.6 - Medium - March 11, 2025

Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

Insertion of Sensitive Information into Log File

Out-of-bounds read in Windows NTFS

CVE-2025-24991 5.5 - Medium - March 11, 2025

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

Out-of-bounds Read

Heap-based buffer overflow in Windows NTFS

CVE-2025-24993 7.8 - High - March 11, 2025

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Improper neutralization in Microsoft Management Console

CVE-2025-26633 7 - High - March 11, 2025

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

Improper Neutralization

Windows Core Messaging Elevation of Privileges Vulnerability

CVE-2025-21184 7 - High - February 11, 2025

Windows Core Messaging Elevation of Privileges Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21190 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21200 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Server Remote Code Execution Vulnerability

CVE-2025-21201 8.8 - High - February 11, 2025

Windows Telephony Server Remote Code Execution Vulnerability

Double-free

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2025-21208 8.8 - High - February 11, 2025

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21212 6.5 - Medium - February 11, 2025

Internet Connection Sharing (ICS) Denial of Service Vulnerability

Out-of-bounds Read

Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21216 6.5 - Medium - February 11, 2025

Internet Connection Sharing (ICS) Denial of Service Vulnerability

Out-of-bounds Read

Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21254 6.5 - Medium - February 11, 2025

Internet Connection Sharing (ICS) Denial of Service Vulnerability

Out-of-bounds Read

Windows NTFS Elevation of Privilege Vulnerability

CVE-2025-21337 3.3 - Low - February 11, 2025

Windows NTFS Elevation of Privilege Vulnerability

Authorization

Windows Deployment Services Denial of Service Vulnerability

CVE-2025-21347 6 - Medium - February 11, 2025

Windows Deployment Services Denial of Service Vulnerability

insecure temporary file

Windows Remote Desktop Configuration Service Tampering Vulnerability

CVE-2025-21349 6.8 - Medium - February 11, 2025

Windows Remote Desktop Configuration Service Tampering Vulnerability

authentification

Windows Kerberos Denial of Service Vulnerability

CVE-2025-21350 5.9 - Medium - February 11, 2025

Windows Kerberos Denial of Service Vulnerability

Improper Input Validation

Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21368 8.8 - High - February 11, 2025

Microsoft Digest Authentication Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21369 8.8 - High - February 11, 2025

Microsoft Digest Authentication Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21371 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Installer Elevation of Privilege Vulnerability

CVE-2025-21373 7.8 - High - February 11, 2025

Windows Installer Elevation of Privilege Vulnerability

insecure temporary file

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2025-21375 7.8 - High - February 11, 2025

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Improper Input Validation

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2025-21376 8.1 - High - February 11, 2025

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

Race Condition

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21181 7.5 - High - February 11, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Resource Exhaustion

NTLM Hash Disclosure Spoofing Vulnerability

CVE-2025-21377 6.5 - Medium - February 11, 2025

NTLM Hash Disclosure Spoofing Vulnerability

External Control of File Name or Path

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21406 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Dangling pointer

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21407 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2025-21410 8.8 - High - February 11, 2025

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Core Messaging Elevation of Privileges Vulnerability

CVE-2025-21414 7 - High - February 11, 2025

Windows Core Messaging Elevation of Privileges Vulnerability

Heap-based Buffer Overflow

Windows Setup Files Cleanup Elevation of Privilege Vulnerability

CVE-2025-21419 7.1 - High - February 11, 2025

Windows Setup Files Cleanup Elevation of Privilege Vulnerability

insecure temporary file

Windows Disk Cleanup Tool Elevation of Privilege Vulnerability

CVE-2025-21420 7.8 - High - February 11, 2025

Windows Disk Cleanup Tool Elevation of Privilege Vulnerability

insecure temporary file

Windows Storage Elevation of Privilege Vulnerability

CVE-2025-21391 7.1 - High - February 11, 2025

Windows Storage Elevation of Privilege Vulnerability

insecure temporary file

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2025-21418 7.8 - High - February 11, 2025

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21417 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21413 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21411 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21409 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows upnphost.dll Denial of Service Vulnerability

CVE-2025-21389 7.5 - High - January 14, 2025

Windows upnphost.dll Denial of Service Vulnerability

Resource Exhaustion

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2025-21382 7.8 - High - January 14, 2025

Windows Graphics Component Elevation of Privilege Vulnerability

Integer Overflow or Wraparound

Windows CSC Service Elevation of Privilege Vulnerability

CVE-2025-21378 7.8 - High - January 14, 2025

Windows CSC Service Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows CSC Service Information Disclosure Vulnerability

CVE-2025-21374 5.5 - Medium - January 14, 2025

Windows CSC Service Information Disclosure Vulnerability

Out-of-bounds Read

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21241 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21341 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

CVE-2025-21340 5.5 - Medium - January 14, 2025

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Authorization

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21339 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

GDI+ Remote Code Execution Vulnerability

CVE-2025-21338 7.8 - High - January 14, 2025

GDI+ Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Cryptographic Information Disclosure Vulnerability

CVE-2025-21336 5.6 - Medium - January 14, 2025

Windows Cryptographic Information Disclosure Vulnerability

MapUrlToZone Security Feature Bypass Vulnerability

CVE-2025-21332 8.8 - High - January 14, 2025

MapUrlToZone Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Windows Installer Elevation of Privilege Vulnerability

CVE-2025-21331 7.3 - High - January 14, 2025

Windows Installer Elevation of Privilege Vulnerability

insecure temporary file

Windows Remote Desktop Services Denial of Service Vulnerability

CVE-2025-21330 7.5 - High - January 14, 2025

Windows Remote Desktop Services Denial of Service Vulnerability

Resource Exhaustion

MapUrlToZone Security Feature Bypass Vulnerability

CVE-2025-21328 4.3 - Medium - January 14, 2025

MapUrlToZone Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21327 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21324 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21323 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21321 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21320 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21319 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21318 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21317 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21316 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

MapUrlToZone Security Feature Bypass Vulnerability

CVE-2025-21329 4.3 - Medium - January 14, 2025

MapUrlToZone Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Windows Smart Card Reader Information Disclosure Vulnerability

CVE-2025-21312 2.4 - Low - January 14, 2025

Windows Smart Card Reader Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21310 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Remote Desktop Services Remote Code Execution Vulnerability

CVE-2025-21309 8.1 - High - January 14, 2025

Windows Remote Desktop Services Remote Code Execution Vulnerability

Sensitive Data Storage in Improperly Locked Memory

Windows Themes Spoofing Vulnerability

CVE-2025-21308 6.5 - Medium - January 14, 2025

Windows Themes Spoofing Vulnerability

Information Disclosure

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

CVE-2025-21307 9.8 - Critical - January 14, 2025

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

Dangling pointer

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21306 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21305 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21303 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21302 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Geolocation Service Information Disclosure Vulnerability

CVE-2025-21301 6.5 - Medium - January 14, 2025

Windows Geolocation Service Information Disclosure Vulnerability

Authorization

Windows upnphost.dll Denial of Service Vulnerability

CVE-2025-21300 7.5 - High - January 14, 2025

Windows upnphost.dll Denial of Service Vulnerability

Resource Exhaustion

Windows Kerberos Security Feature Bypass Vulnerability

CVE-2025-21299 7.8 - High - January 14, 2025

Windows Kerberos Security Feature Bypass Vulnerability

Insecure Storage of Sensitive Information

Windows OLE Remote Code Execution Vulnerability

CVE-2025-21298 9.8 - Critical - January 14, 2025

Windows OLE Remote Code Execution Vulnerability

Dangling pointer

Windows Remote Desktop Services Remote Code Execution Vulnerability

CVE-2025-21297 8.1 - High - January 14, 2025

Windows Remote Desktop Services Remote Code Execution Vulnerability

Dangling pointer

BranchCache Remote Code Execution Vulnerability

CVE-2025-21296 7.5 - High - January 14, 2025

BranchCache Remote Code Execution Vulnerability

Dangling pointer

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

CVE-2025-21295 8.1 - High - January 14, 2025

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

Dangling pointer

Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21294 8.1 - High - January 14, 2025

Microsoft Digest Authentication Remote Code Execution Vulnerability

Sensitive Data Storage in Improperly Locked Memory

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2025-21293 8.8 - High - January 14, 2025

Active Directory Domain Services Elevation of Privilege Vulnerability

Authorization

Windows Search Service Elevation of Privilege Vulnerability

CVE-2025-21292 8.8 - High - January 14, 2025

Windows Search Service Elevation of Privilege Vulnerability

Code Injection

Windows Direct Show Remote Code Execution Vulnerability

CVE-2025-21291 8.8 - High - January 14, 2025

Windows Direct Show Remote Code Execution Vulnerability

Double-free

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21290 7.5 - High - January 14, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Resource Exhaustion

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21289 7.5 - High - January 14, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Resource Exhaustion

Windows COM Server Information Disclosure Vulnerability

CVE-2025-21288 6.5 - Medium - January 14, 2025

Windows COM Server Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Installer Elevation of Privilege Vulnerability

CVE-2025-21287 7.8 - High - January 14, 2025

Windows Installer Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21286 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21285 7.5 - High - January 14, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

NULL Pointer Dereference

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21252 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21251 7.5 - High - January 14, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Resource Exhaustion

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21250 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21249 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21248 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21246 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Out-of-bounds Read

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21245 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Out-of-bounds Read

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21228 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

IP Helper Denial of Service Vulnerability

CVE-2025-21231 7.5 - High - January 14, 2025

IP Helper Denial of Service Vulnerability

Resource Exhaustion

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21230 7.5 - High - January 14, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Improper Input Validation

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21229 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21226 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

CVE-2025-21225 5.9 - Medium - January 14, 2025

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Object Type Confusion