Security Vulnerabilities - CVEs Published In April 2025
Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.
CVSS Score
6.5
EPSS Score
0.01
Published
2025-04-08
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVSS Score
6.8
EPSS Score
0.013
Published
2025-04-08
Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.013
Published
2025-04-08
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.002
Published
2025-04-08
Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.424
Published
2025-04-08
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.009
Published
2025-04-08
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.009
Published
2025-04-08
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.009
Published
2025-04-08
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.009
Published
2025-04-08
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.009
Published
2025-04-08