Security Vulnerabilities - CVEs Published In July 2025
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.005
Published
2025-07-08
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.011
Published
2025-07-08
Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.008
Published
2025-07-08
Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.008
Published
2025-07-08
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.004
Published
2025-07-08
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.
CVSS Score
6.5
EPSS Score
0.006
Published
2025-07-08
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.004
Published
2025-07-08
Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVSS Score
6.8
EPSS Score
0.005
Published
2025-07-08
Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.006
Published
2025-07-08
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.006
Published
2025-07-08