Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-22T10:50:34Z

Freshness

2 hour(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4943

Current result set after filter and search.

Exploited Flagged

4193

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1535

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow356 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1535 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

January 2025

50 CVE | last update 2 hour(s) ago

Release 2025-01-14 Patch Tuesday Count 50

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-21231	IP Helper Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	IP Helper Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-21278	Windows Remote Desktop Gateway (RD Gateway) Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous SkorikARI VictorV(Tang tianwen) with Kunlun Lab
CVE-2025-21311	Windows NTLM V1 Exploitation Less Likely	CWE-303: Incorrect Implementation of Authentication Algorithm	Windows NTLM V1 Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Dylan Bickerstaff with below average
CVE-2025-21275	Windows App Package Installer Exploitation Less Likely	CWE-285: Improper Authorization	Windows App Package Installer Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21202	Windows Recovery Environment Agent Exploitation Less Likely	CWE-284: Improper Access Control	Windows Recovery Environment Agent Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Maxim Suhanov with CICADA8
CVE-2025-21301	Windows Geolocation Service Exploitation Less Likely	CWE-284: Improper Access Control	Windows Geolocation Service Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By André Schoorl and Bruno Pereira Vidal Bruno Pereira Vidal
CVE-2025-21293	Active Directory Domain Services Exploitation Less Likely	CWE-284: Improper Access Control	Active Directory Domain Services Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Sebastian Sadeq Birke with ReTest Security ApS
CVE-2025-21343	Windows Web Threat Defense User Service Exploitation Less Likely	CWE-269: Improper Privilege Management	Windows Web Threat Defense User Service Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Australian Signals Directorate
CVE-2025-21287	Windows Installer Exploitation Less Likely	CWE-269: Improper Privilege Management	Windows Installer Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C	2025-01-14	No	Reported By JaGoTu with DCIT, a.s.
CVE-2025-21284	Windows Virtual Trusted Platform Module Exploitation Less Likely	CWE-20: Improper Input Validation	Windows Virtual Trusted Platform Module Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By HongZhenhao with TianGong Team of Legendsec at Qi'anxin Group
CVE-2025-21280	Windows Virtual Trusted Platform Module Exploitation Less Likely	CWE-20: Improper Input Validation	Windows Virtual Trusted Platform Module Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By HongZhenhao with TianGong Team of Legendsec at Qi'anxin Group
CVE-2025-21235	Windows PrintWorkflowUserSvc Exploitation Less Likely	CWE-20: Improper Input Validation	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Jongseong Kim (nevul37) with Ajou University & ENKI WhiteHat
CVE-2025-21234	Windows PrintWorkflowUserSvc Exploitation Less Likely	CWE-20: Improper Input Validation	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Jongseong Kim (nevul37) with Ajou University & ENKI WhiteHat
CVE-2025-21230	Microsoft Message Queuing (MSMQ) Exploitation Less Likely	CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-21336	Windows Cryptographic Exploitation Less Likely	CWE-203: Observable Discrepancy	Windows Cryptographic Information Disclosure Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21214	Windows BitLocker Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows BitLocker Information Disclosure Vulnerability CVSS vector: AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Maxim Suhanov with CICADA8
CVE-2025-21276	Windows MapUrlToZone Exploitation Less Likely	CWE-191: Integer Underflow (Wrap or Wraparound) CWE-693: Protection Mechanism Failure	Windows MapUrlToZone Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By George Hughey with MSRC Vulnerabilities & Mitigations
CVE-2025-21244	Windows Telephony Service Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21243	Windows Telephony Service Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21382	Windows Graphics Component Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound CWE-122: Heap-based Buffer Overflow	Windows Graphics Component Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	-
CVE-2025-21338	GDI+ Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound	GDI+ Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Li Shuang and willJ with vulnerability research institute
CVE-2025-21271	Windows Cloud Files Mini Filter Driver Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By RanchoIce
CVE-2025-21277	Microsoft Message Queuing (MSMQ) Exploitation Less Likely	CWE-126: Buffer Over-read	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-21257	Windows WLAN AutoConfig Service Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows WLAN AutoConfig Service Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21341	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Adel and Benjamin Rodes
CVE-2025-21327	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Adel and Benjamin Rodes
CVE-2025-21324	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Adel from MSRC V&M
CVE-2025-21310	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Adel and Benjamin Rodes
CVE-2025-21265	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21263	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21261	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21260	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21258	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21256	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read CWE-122: Heap-based Buffer Overflow	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21255	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21249	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21232	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21229	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21228	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21227	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21226	Windows Digital Media Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Zhihua Wen with CyberKunLun
CVE-2025-21374	Windows CSC Service Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows CSC Service Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-01-14	No	Reported By Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Inkyu Yang, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan
CVE-2025-21417	Windows Telephony Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21413	Windows Telephony Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21411	Windows Telephony Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21409	Windows Telephony Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21339	Windows Telephony Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21306	Windows Telephony Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21305	Windows Telephony Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous
CVE-2025-21303	Windows Telephony Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Telephony Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-01-14	No	Reported By Anonymous