CVE-2025-48822
- EPSS 0.58%
- Veröffentlicht 08.07.2025 16:57:47
- Zuletzt bearbeitet 15.07.2025 14:37:44
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVE-2025-48823
- EPSS 0.56%
- Veröffentlicht 08.07.2025 16:57:47
- Zuletzt bearbeitet 13.02.2026 20:17:30
Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.
CVE-2025-48820
- EPSS 0.4%
- Veröffentlicht 08.07.2025 16:57:46
- Zuletzt bearbeitet 15.07.2025 14:38:40
Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.
CVE-2025-48821
- EPSS 0.44%
- Veröffentlicht 08.07.2025 16:57:46
- Zuletzt bearbeitet 15.07.2025 14:38:22
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.
CVE-2025-48819
- EPSS 0.33%
- Veröffentlicht 08.07.2025 16:57:45
- Zuletzt bearbeitet 15.07.2025 14:39:12
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.
CVE-2025-48818
- EPSS 0.41%
- Veröffentlicht 08.07.2025 16:57:44
- Zuletzt bearbeitet 15.07.2025 14:39:28
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2025-48816
- EPSS 0.35%
- Veröffentlicht 08.07.2025 16:57:43
- Zuletzt bearbeitet 15.07.2025 14:42:40
Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.
CVE-2025-48811
- EPSS 0.26%
- Veröffentlicht 08.07.2025 16:57:42
- Zuletzt bearbeitet 15.07.2025 14:34:34
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVE-2025-48814
- EPSS 1.01%
- Veröffentlicht 08.07.2025 16:57:42
- Zuletzt bearbeitet 15.07.2025 14:43:35
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-48810
- EPSS 0.45%
- Veröffentlicht 08.07.2025 16:57:41
- Zuletzt bearbeitet 15.07.2025 14:35:31
Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally.