Security Vulnerabilities - CVEs Published In March 2025
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.002
Published
2025-03-11
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
6.5
EPSS Score
0.007
Published
2025-03-11
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
CVSS Score
6.6
EPSS Score
0.003
Published
2025-03-11
CVE-2025-24991
Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
Known exploited
CVSS Score
5.5
EPSS Score
0.014
Published
2025-03-11
Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.005
Published
2025-03-11
CVE-2025-24993
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
Known exploited
CVSS Score
7.8
EPSS Score
0.017
Published
2025-03-11
CVE-2025-24984
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
Known exploited
CVSS Score
4.6
EPSS Score
0.028
Published
2025-03-11
CVE-2025-24985
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
Known exploited
CVSS Score
7.8
EPSS Score
0.017
Published
2025-03-11
Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network.
CVSS Score
6.5
EPSS Score
0.005
Published
2025-03-11
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
CVSS Score
6.6
EPSS Score
0.005
Published
2025-03-11