Windows Server 2003
by Microsoft
Source repositories
CVEs (4,745)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49685 | 0.00 | — | 0.00 | Jul 8, 2025 | Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49684 | 0.00 | — | 0.00 | Jul 8, 2025 | Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally. | |||
| CVE-2025-49682 | 0.00 | — | 0.00 | Jul 8, 2025 | Use after free in Windows Media allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49681 | 0.00 | — | 0.01 | Jul 8, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-49680 | 0.00 | — | 0.00 | Jul 8, 2025 | Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally. | |||
| CVE-2025-49679 | 0.00 | — | 0.00 | Jul 8, 2025 | Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49678 | 0.00 | — | 0.00 | Jul 8, 2025 | Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49675 | 0.00 | — | 0.00 | Jul 8, 2025 | Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49673 | 0.00 | — | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-49669 | 0.00 | — | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-49668 | 0.00 | — | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-49667 | 0.00 | — | 0.00 | Jul 8, 2025 | Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49666 | 0.00 | — | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network. | |||
| CVE-2025-49665 | 0.00 | — | 0.00 | Jul 8, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49664 | 0.00 | — | 0.01 | Jul 8, 2025 | Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally. | |||
| CVE-2025-49663 | 0.00 | — | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-49660 | 0.00 | — | 0.00 | Jul 8, 2025 | Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49659 | 0.00 | — | 0.00 | Jul 8, 2025 | Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-48823 | 0.00 | — | 0.01 | Jul 8, 2025 | Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-48822 | 0.00 | — | 0.01 | Jul 8, 2025 | Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. |
- CVE-2025-49685Jul 8, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
- CVE-2025-49684Jul 8, 2025risk 0.00cvss —epss 0.00
Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.
- CVE-2025-49682Jul 8, 2025risk 0.00cvss —epss 0.00
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
- CVE-2025-49681Jul 8, 2025risk 0.00cvss —epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- CVE-2025-49680Jul 8, 2025risk 0.00cvss —epss 0.00
Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally.
- CVE-2025-49679Jul 8, 2025risk 0.00cvss —epss 0.00
Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.
- CVE-2025-49678Jul 8, 2025risk 0.00cvss —epss 0.00
Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.
- CVE-2025-49675Jul 8, 2025risk 0.00cvss —epss 0.00
Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-49673Jul 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-49669Jul 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-49668Jul 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-49667Jul 8, 2025risk 0.00cvss —epss 0.00
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
- CVE-2025-49666Jul 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.
- CVE-2025-49665Jul 8, 2025risk 0.00cvss —epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.
- CVE-2025-49664Jul 8, 2025risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.
- CVE-2025-49663Jul 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-49660Jul 8, 2025risk 0.00cvss —epss 0.00
Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
- CVE-2025-49659Jul 8, 2025risk 0.00cvss —epss 0.00
Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.
- CVE-2025-48823Jul 8, 2025risk 0.00cvss —epss 0.01
Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.
- CVE-2025-48822Jul 8, 2025risk 0.00cvss —epss 0.01
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Page 188 of 238