CVE-2025-47962 Windows SDK Elevation of Privilege Vulnerability
Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally.
CVE-2025-32724 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
CVE-2025-47169 Microsoft Word Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-33070 Windows Netlogon Elevation of Privilege Vulnerability
Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-33071 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
CVE-2025-32722 Windows Storage Port Driver Information Disclosure Vulnerability
Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.
CVE-2025-47168 Microsoft Word Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-33069 Windows App Control for Business Security Feature Bypass Vulnerability
Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-47956 Windows Security App Spoofing Vulnerability
External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
CVE-2025-32721 Windows Recovery Driver Elevation of Privilege Vulnerability
Improper link resolution before file access (‘link following’) in Windows Recovery Driver allows an authorized attacker to elevate privileges locally.
