| CVE-2025-49719 | Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network. | high |
| CVE-2025-49718 | Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network. | high |
| CVE-2025-49717 | Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network. | high |
| CVE-2025-49716 | Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network. | medium |
| CVE-2025-49714 | Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49711 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49706 | Improper authentication in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | medium |
| CVE-2025-49705 | Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49704 | Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | high |
| CVE-2025-49703 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49702 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49701 | Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | high |
| CVE-2025-49700 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49699 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49698 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49697 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49696 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49695 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49694 | Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49693 | Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49691 | Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network. | high |
| CVE-2025-49690 | Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally. | high |
| CVE-2025-49689 | Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | high |
| CVE-2025-49688 | Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-49687 | Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49686 | Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49685 | Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49684 | Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally. | medium |
| CVE-2025-49683 | Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally. | high |
| CVE-2025-49682 | Use after free in Windows Media allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49681 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | medium |
| CVE-2025-49680 | Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally. | high |
| CVE-2025-49679 | Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49678 | Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49677 | Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49676 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-49675 | Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49674 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-49673 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-49672 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-49671 | Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | medium |
| CVE-2025-49669 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-49668 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-49667 | Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49666 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network. | high |
| CVE-2025-49665 | Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49664 | Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally. | medium |
| CVE-2025-49663 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-49661 | Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-49660 | Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. | high |
