VYPR

Windows 11 23h2

by Microsoft

Source repositories

CVEs (2,235)

  • CVE-2025-59508Nov 11, 2025
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59507Nov 11, 2025
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59506Nov 11, 2025
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59505Nov 11, 2025
    risk 0.00cvss epss 0.00

    Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59289Oct 14, 2025
    risk 0.00cvss epss 0.00

    Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59278Oct 14, 2025
    risk 0.00cvss epss 0.00

    Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59275Oct 14, 2025
    risk 0.00cvss epss 0.00

    Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59261Oct 14, 2025
    risk 0.00cvss epss 0.00

    Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59253Oct 14, 2025
    risk 0.00cvss epss 0.00

    Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

  • CVE-2025-59244Oct 14, 2025
    risk 0.00cvss epss 0.01

    External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-59214Oct 14, 2025
    risk 0.00cvss epss 0.02

    Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-59209Oct 14, 2025
    risk 0.00cvss epss 0.00

    Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally.

  • CVE-2025-59208Oct 14, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network.

  • CVE-2025-59205Oct 14, 2025
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59203Oct 14, 2025
    risk 0.00cvss epss 0.00

    Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally.

  • CVE-2025-59198Oct 14, 2025
    risk 0.00cvss epss 0.00

    Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

  • CVE-2025-59197Oct 14, 2025
    risk 0.00cvss epss 0.00

    Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally.

  • CVE-2025-59194Oct 14, 2025
    risk 0.00cvss epss 0.02

    Use of uninitialized resource in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59193Oct 14, 2025
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59192Oct 14, 2025
    risk 0.00cvss epss 0.00

    Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally.

Page 65 of 112