Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-22T10:50:34Z

Freshness

2 hour(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4943

Current result set after filter and search.

Exploited Flagged

4193

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1535

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow356 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1535 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

February 2025

6 CVE | last update 2 hour(s) ago

Release 2025-02-11 Patch Tuesday Count 6

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-21208	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-02-11	No	Reported By Anonymous
CVE-2025-21414	Windows Core Messaging Exploitation More Likely	CWE-122: Heap-based Buffer Overflow	Windows Core Messaging Elevation of Privileges Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-02-11	No	Reported By YanZiShuang@BigCJTeam of cyberkl
CVE-2025-21184	Windows Core Messaging Exploitation More Likely	CWE-122: Heap-based Buffer Overflow	Windows Core Messaging Elevation of Privileges Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-02-11	No	Reported By YanZiShuang@BigCJTeam of cyberkl
CVE-2025-21418	Windows Ancillary Function Driver for WinSock Exploitation Detected	CWE-122: Heap-based Buffer Overflow	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C	2025-02-11	Yes	Reported By Anonymous
CVE-2025-21369	Microsoft Digest Authentication Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound	Microsoft Digest Authentication Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-02-11	No	Reported By Yuki Chen
CVE-2025-21368	Microsoft Digest Authentication Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Microsoft Digest Authentication Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-02-11	No	Reported By Yuki Chen

Release Month

January 2025

44 CVE | last update 2 hour(s) ago

Release 2025-01-29 Other / OOB Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-21396	Microsoft Account N/A	CWE-862: Missing Authorization	Microsoft Account Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C	2025-01-29	No	Reported By M1n9K1n9 with APT250

Release 2025-01-18 Other / OOB Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2024-46981	Redis' Lua library commands may lead to No latest release note	CWE-416: Use After Free	Redis' Lua library commands may lead to remote code execution CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H	2025-01-18	-	-

Release 2025-01-16 Other / OOB Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-21325	Windows Secure Kernel Mode Exploitation Less Likely	CWE-732: Incorrect Permission Assignment for Critical Resource	Windows Secure Kernel Mode Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-16	No	Reported By Maxime Villard, of M.O.R.S.E.

Release 2025-01-14 Patch Tuesday Count 41

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-21292	Windows Search Service Exploitation More Likely	CWE-94: Improper Control of Generation of Code ('Code Injection')	Windows Search Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Microsoft Offensive Research & Security Engineering
CVE-2025-21312	Windows Smart Card Reader Exploitation Less Likely	CWE-908: Use of Uninitialized Resource	Windows Smart Card Reader Information Disclosure Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21288	Windows COM Server Exploitation Less Likely	CWE-908: Use of Uninitialized Resource	Windows COM Server Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21272	Windows COM Server Exploitation Less Likely	CWE-908: Use of Uninitialized Resource	Windows COM Server Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21220	Microsoft Message Queuing Exploitation Less Likely	CWE-908: Use of Uninitialized Resource	Microsoft Message Queuing Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Bastian Kanbach with SSE - Secure Systems Engineering GmbH
CVE-2025-21225	Windows Remote Desktop Gateway (RD Gateway) Exploitation Less Likely	CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')	Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By ʌ!ↄ⊥ojv with Kunlun Lab
CVE-2025-21326	Internet Explorer Exploitation Less Likely	CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')	Internet Explorer Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Quan Jin with DBAPPSecurity WeBin Lab
CVE-2025-21313	Windows Security Account Manager (SAM) Exploitation Less Likely	CWE-833: Deadlock	Windows Security Account Manager (SAM) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Internal with Microsoft
CVE-2025-21210	Windows BitLocker Exploitation More Likely	CWE-636: Not Failing Securely ('Failing Open')	Windows BitLocker Information Disclosure Vulnerability CVSS vector: AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Maxim Suhanov with CICADA8
CVE-2025-21331	Windows Installer Exploitation Less Likely	CWE-59: Improper Link Resolution Before File Access ('Link Following')	Windows Installer Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Simon Zuckerbraun of Trend Micro Zero Day Initiative
CVE-2025-21274	Windows Event Tracing Exploitation Less Likely	CWE-59: Improper Link Resolution Before File Access ('Link Following')	Windows Event Tracing Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Filip Dragović
CVE-2025-21309	Windows Remote Desktop Services Exploitation More Likely	CWE-591: Sensitive Data Storage in Improperly Locked Memory	Windows Remote Desktop Services Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By VictorV(Tang tianwen) with Kunlun Lab k0shl with Kunlun Lab
CVE-2025-21224	Windows Line Printer Daemon (LPD) Service Exploitation Less Likely	CWE-591: Sensitive Data Storage in Improperly Locked Memory CWE-416: Use After Free	Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-21294	Microsoft Digest Authentication Exploitation Less Likely	CWE-591: Sensitive Data Storage in Improperly Locked Memory	Microsoft Digest Authentication Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Yuki Chen
CVE-2025-21323	Windows Kernel Memory Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Windows Kernel Memory Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21321	Windows Kernel Memory Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Windows Kernel Memory Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Yarden Shafir
CVE-2025-21320	Windows Kernel Memory Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Windows Kernel Memory Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Yarden Shafir
CVE-2025-21319	Windows Kernel Memory Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Windows Kernel Memory Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Yarden Shafir
CVE-2025-21318	Windows Kernel Memory Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Windows Kernel Memory Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Yarden Shafir
CVE-2025-21317	Windows Kernel Memory Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Windows Kernel Memory Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Yarden Shafir
CVE-2025-21316	Windows Kernel Memory Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Windows Kernel Memory Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Yarden Shafir
CVE-2025-21285	Microsoft Message Queuing (MSMQ) Exploitation Less Likely	CWE-476: NULL Pointer Dereference	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-21297	Windows Remote Desktop Services Exploitation Less Likely	CWE-416: Use After Free	Windows Remote Desktop Services Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By VictorV(Tang tianwen) with Kunlun Lab
CVE-2025-21307	Windows Reliable Multicast Transport Driver (RMCAST) Exploitation Less Likely	CWE-416: Use After Free	Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Kyle Westhaus with Microsoft Offensive Research & Security Engineering (MORSE)
CVE-2025-21298	Windows OLE Exploitation More Likely	CWE-416: Use After Free	Windows OLE Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Jmini, Rotiple, D4m0n with Trend Micro Zero Day Initiative
CVE-2025-21335	Windows Hyper-V NT Kernel Integration VSP Exploitation Detected	CWE-416: Use After Free	Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	Yes	-
CVE-2025-21334	Windows Hyper-V NT Kernel Integration VSP Exploitation Detected	CWE-416: Use After Free	Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	Yes	-
CVE-2025-21295	SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Exploitation Less Likely	CWE-416: Use After Free	SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Yuki Chen
CVE-2025-21304	Microsoft DWM Core Library Exploitation Less Likely	CWE-416: Use After Free	Microsoft DWM Core Library Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Varun Goel
CVE-2025-21281	Microsoft COM for Windows Exploitation Less Likely	CWE-416: Use After Free	Microsoft COM for Windows Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhang WangJunJie, He YiSheng with Hillstone Network Security Research Institute
CVE-2025-21372	Microsoft Brokering File System Exploitation Less Likely	CWE-416: Use After Free	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By hazard
CVE-2025-21315	Microsoft Brokering File System Exploitation More Likely	CWE-416: Use After Free	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By hazard
CVE-2025-21291	Windows Direct Show Exploitation Less Likely	CWE-415: Double Free	Windows Direct Show Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Mozilla
CVE-2025-21389	Windows Universal Plug and Play (UPnP) Device Host Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By k0shl with Kunlun Lab
CVE-2025-21300	Windows Universal Plug and Play (UPnP) Device Host Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By k0shl with Kunlun Lab
CVE-2025-21330	Windows Remote Desktop Services Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Remote Desktop Services Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By ʌ!ↄ⊥ojv with Kunlun Lab
CVE-2025-21207	Windows Connected Devices Platform Service (Cdpsvc) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By CSIRT MON Eduardo Berlanga (seqode)
CVE-2025-21290	Microsoft Message Queuing (MSMQ) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-21289	Microsoft Message Queuing (MSMQ) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-21270	Microsoft Message Queuing (MSMQ) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-21251	Microsoft Message Queuing (MSMQ) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Azure Yang with Kunlun Lab