Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2025-29808: Windows Cryptographic Services Information Disclosure Vulnerability

Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.

Microsoft Security Response Center
#vulnerability#windows#auth#Windows Cryptographic Services#Security Vulnerability
CVE-2025-29804: Visual Studio Elevation of Privilege Vulnerability

Improper access control in Visual Studio allows an unauthorized attacker to elevate privileges locally.

CVE-2025-29803: Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain the privileges of the authenticated user.

CVE-2025-27739: Windows Kernel Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2025-27736: Windows Power Dependency Coordinator Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.

CVE-2025-27732: Windows Graphics Component Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.