VYPR

Windows Server 2025

by Microsoft

CVEs (1,296)

  • CVE-2025-54098Sep 9, 2025
    risk 0.00cvss epss 0.03

    Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

  • CVE-2025-54094Sep 9, 2025
    risk 0.00cvss epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

  • CVE-2025-54093Sep 9, 2025
    risk 0.00cvss epss 0.00

    Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

  • CVE-2025-54092Sep 9, 2025
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

  • CVE-2025-54091Sep 9, 2025
    risk 0.00cvss epss 0.00

    Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53810Sep 9, 2025
    risk 0.00cvss epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53809Sep 9, 2025
    risk 0.00cvss epss 0.01

    Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.

  • CVE-2025-53808Sep 9, 2025
    risk 0.00cvss epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53807Sep 9, 2025
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53806Sep 9, 2025
    risk 0.00cvss epss 0.01

    Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

  • CVE-2025-53805Sep 9, 2025
    risk 0.00cvss epss 0.01

    Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.

  • CVE-2025-53804Sep 9, 2025
    risk 0.00cvss epss 0.01

    Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.

  • CVE-2025-53803Sep 9, 2025
    risk 0.00cvss epss 0.01

    Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally.

  • CVE-2025-53802Sep 9, 2025
    risk 0.00cvss epss 0.00

    Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53800Sep 9, 2025
    risk 0.00cvss epss 0.00

    No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53796Sep 9, 2025
    risk 0.00cvss epss 0.01

    Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

  • CVE-2025-55236Sep 9, 2025
    risk 0.00cvss epss 0.00

    Time-of-check time-of-use (toctou) race condition in Graphics Kernel allows an authorized attacker to execute code locally.

  • CVE-2025-55228Sep 9, 2025
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

  • CVE-2025-55226Sep 9, 2025
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to execute code locally.

  • CVE-2025-55225Sep 9, 2025
    risk 0.00cvss epss 0.01

    Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Page 37 of 65