Windows_server_2025 - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Windows_server_2025
(Microsoft)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	582

Date	Id	Summary	Products	Score	Patch	Annotated
2025-07-08	CVE-2025-49664	Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	5.5
2025-07-08	CVE-2025-49683	Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.8
2025-07-08	CVE-2025-49665	Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.8
2025-07-08	CVE-2025-49684	Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	5.5
2025-07-08	CVE-2025-49667	Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.8
2025-07-08	CVE-2025-49666	Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.	Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.2
2025-07-08	CVE-2025-49668	Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.	Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	8.8
2025-07-08	CVE-2025-49669	Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.	Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	8.8
2025-07-08	CVE-2025-49670	Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.	Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	6.5
2025-07-08	CVE-2025-49671	Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.	Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	6.5