Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-21298 (GCVE-0-2025-21298)
Vulnerability from cvelistv5 – Published: 2025-01-14 18:03 – Updated: 2026-02-26 19:09
VLAI?
EPSS
Title
Windows OLE Remote Code Execution Vulnerability
Summary
Windows OLE Remote Code Execution Vulnerability
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.20890
(custom)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2025-01-14 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21298",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-01T04:55:32.527334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T19:09:23.019Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.20890",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.7699",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.6775",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.5371",
"status": "affected",
"version": "10.0.19044.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.5371",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.4751",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 11 version 22H3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.4751",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 11 Version 23H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.4751",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 24H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.2894",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.27520",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.27520",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.23070",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.23070",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25273",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25273",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.22371",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.22371",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.7699",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.7699",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.6775",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.6775",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.3091",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.25398.1369",
"status": "affected",
"version": "10.0.25398.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.2894",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.2894",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6775",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6775",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6775",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3091",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.5371",
"versionStartIncluding": "10.0.19044.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.4751",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.5371",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.2894",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.4751",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.4751",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1369",
"versionStartIncluding": "10.0.25398.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.2894",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.2894",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20890",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7699",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7699",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7699",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.23070",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.23070",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.27520",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.27520",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.25273",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.25273",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.22371",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.22371",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2025-01-14T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows OLE Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-13T19:55:50.735Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows OLE Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298"
}
],
"title": "Windows OLE Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2025-21298",
"datePublished": "2025-01-14T18:03:51.083Z",
"dateReserved": "2024-12-10T23:54:12.949Z",
"dateUpdated": "2026-02-26T19:09:23.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-21298\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2025-01-14T18:15:52.080\",\"lastModified\":\"2025-01-24T21:48:49.880\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Windows OLE Remote Code Execution Vulnerability\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Windows OLE\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.10240.20890\",\"matchCriteriaId\":\"D5C2C390-24E9-42C9-84BF-EE28670CAB30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.10240.20890\",\"matchCriteriaId\":\"C0B9C790-A26D-4EBD-B5CA-F0C628835A21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.7699\",\"matchCriteriaId\":\"DE0F44E5-40C1-4BE3-BBA4-507564182682\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.7699\",\"matchCriteriaId\":\"83F40BB6-BBAE-4CD4-A5FE-1DAF690101AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.17763.6775\",\"matchCriteriaId\":\"1BB028F9-A802-40C7-97BF-1D169291678F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.17763.6775\",\"matchCriteriaId\":\"9F077951-8177-4FEE-A49A-76E51AE48CE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19044.5371\",\"matchCriteriaId\":\"5D64D2C7-51C3-47EB-B86E-75172846F4DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19045.5371\",\"matchCriteriaId\":\"BC92CC57-B18C-43C3-8180-9A2108407433\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22621.4751\",\"matchCriteriaId\":\"D84EDF98-16E1-412A-9879-2C2FEF87FB2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22631.4751\",\"matchCriteriaId\":\"282E3839-E953-4B14-A860-DBACC1E99AFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.26100.2894\",\"matchCriteriaId\":\"78A3F671-95DC-442A-A511-1E875DF93546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F422A8C-2C4E-42C8-B420-E0728037E15C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\",\"matchCriteriaId\":\"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.14393.7699\",\"matchCriteriaId\":\"DA4426DD-B748-4CC4-AC68-88AD963E5F0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.6775\",\"matchCriteriaId\":\"8F604C79-6A12-44C9-B69D-A2E323641079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.20348.3091\",\"matchCriteriaId\":\"7B8C9C82-359E-4318-A10D-AA47CDFB38FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.25398.1369\",\"matchCriteriaId\":\"E3E0C061-2DA7-4237-9607-F6792DC92DD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.26100.2894\",\"matchCriteriaId\":\"2CFD18D5-3C1F-4E3A-A143-EE3F1FFBB880\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-21298\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-01T04:55:32.527334Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-15T19:38:22.096Z\"}}], \"cna\": {\"title\": \"Windows OLE Remote Code Execution Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1507\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.10240.0\", \"lessThan\": \"10.0.10240.20890\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1607\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.7699\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1809\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.6775\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 21H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19044.0\", \"lessThan\": \"10.0.19044.5371\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19045.0\", \"lessThan\": \"10.0.19045.5371\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22621.0\", \"lessThan\": \"10.0.22621.4751\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H3\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.4751\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 23H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.4751\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 24H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.2894\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 R2 Service Pack 1\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1.7601.0\", \"lessThan\": \"6.1.7601.27520\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 R2 Service Pack 1 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1.7601.0\", \"lessThan\": \"6.1.7601.27520\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 Service Pack 2\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0.6003.0\", \"lessThan\": \"6.0.6003.23070\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 Service Pack 2 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0.6003.0\", \"lessThan\": \"6.0.6003.23070\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.9200.0\", \"lessThan\": \"6.2.9200.25273\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.9200.0\", \"lessThan\": \"6.2.9200.25273\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.22371\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.22371\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.7699\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.7699\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.6775\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.6775\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.20348.0\", \"lessThan\": \"10.0.20348.3091\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022, 23H2 Edition (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.25398.0\", \"lessThan\": \"10.0.25398.1369\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.2894\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.2894\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2025-01-14T08:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298\", \"name\": \"Windows OLE Remote Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"patch\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Windows OLE Remote Code Execution Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416: Use After Free\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.6775\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.6775\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.6775\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.20348.3091\", \"versionStartIncluding\": \"10.0.20348.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19044.5371\", \"versionStartIncluding\": \"10.0.19044.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22621.4751\", \"versionStartIncluding\": \"10.0.22621.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19045.5371\", \"versionStartIncluding\": \"10.0.19045.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.2894\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.4751\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.4751\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.25398.1369\", \"versionStartIncluding\": \"10.0.25398.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.2894\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.2894\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.10240.20890\", \"versionStartIncluding\": \"10.0.10240.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.7699\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.7699\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.7699\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.0.6003.23070\", \"versionStartIncluding\": \"6.0.6003.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.0.6003.23070\", \"versionStartIncluding\": \"6.0.6003.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.7601.27520\", \"versionStartIncluding\": \"6.1.7601.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.7601.27520\", \"versionStartIncluding\": \"6.1.7601.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.2.9200.25273\", \"versionStartIncluding\": \"6.2.9200.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.2.9200.25273\", \"versionStartIncluding\": \"6.2.9200.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.3.9600.22371\", \"versionStartIncluding\": \"6.3.9600.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.3.9600.22371\", \"versionStartIncluding\": \"6.3.9600.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2026-02-13T19:55:50.735Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-21298\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-26T19:09:23.019Z\", \"dateReserved\": \"2024-12-10T23:54:12.949Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2025-01-14T18:03:51.083Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2025-AVI-0039
Vulnerability from certfr_avis - Published: 2025-01-15 - Updated: 2025-01-15
De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Microsoft indique que les vulnérabilités CVE-2025-21333, CVE-2025-21334 et CVE-2025-21335 sont activement exploitées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.22371 | ||
| Microsoft | Windows | Windows Server 2025 versions antérieures à 10.0.26100.2894 | ||
| Microsoft | Windows | Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.2894 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.23070 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.6775 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 1.007 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.25273 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.5371 | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.7699 | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.7699 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 1.007 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 1.007 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.2894 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 6.0.6003.23070 | ||
| Microsoft | Windows | Windows Server 2019 versions antérieures à 10.0.17763.6775 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.6775 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.2894 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.5371 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22621.4751 | ||
| Microsoft | Windows | Windows Server 2012 versions antérieures à 1.003 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 6.0.6003.23070 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 1.007 | ||
| Microsoft | Windows | Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.3091 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22621.4751 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) versions antérieures à 1.003 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.6775 | ||
| Microsoft | Windows | Windows Server 2012 R2 versions antérieures à 1.002 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 1.003 | ||
| Microsoft | Windows | Windows Server 2022 versions antérieures à 10.0.20348.3091 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.5371 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.5371 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.4751 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes x64 versions antérieures à 10.0.22621.4751 | ||
| Microsoft | Windows | Windows Server 2012 versions antérieures à 6.2.9200.25273 | ||
| Microsoft | Windows | Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.1369 | ||
| Microsoft | Windows | Windows Server 2016 versions antérieures à 10.0.14393.7699 | ||
| Microsoft | Windows | Windows 10 pour systèmes 32 bits versions antérieures à 10.0.10240.20890 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 6.1.7601.27520 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.5371 | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) versions antérieures à 1.002 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 6.1.7601.27520 | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.7699 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 1.003 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.23070 | ||
| Microsoft | Windows | Windows 10 pour systèmes x64 versions antérieures à 10.0.10240.20890 | ||
| Microsoft | Windows | Windows Server 2012 R2 versions antérieures à 6.3.9600.22371 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.5371 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.22371",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.2894",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.2894",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.23070",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.6775",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 1.007",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.25273",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.5371",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.7699",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.7699",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 1.007",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 1.007",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.2894",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23070",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.6775",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.6775",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.2894",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.5371",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.4751",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 1.003",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23070",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 1.007",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.3091",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.4751",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 1.003",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.6775",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 1.002",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 1.003",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.3091",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.5371",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.5371",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.4751",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22621.4751",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.25273",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.1369",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.7699",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.10240.20890",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 6.1.7601.27520",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.5371",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 1.002",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 6.1.7601.27520",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.7699",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 1.003",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.23070",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.10240.20890",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.22371",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.5371",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-21220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21220"
},
{
"name": "CVE-2025-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21245"
},
{
"name": "CVE-2025-21231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21231"
},
{
"name": "CVE-2025-21242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21242"
},
{
"name": "CVE-2025-21285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21285"
},
{
"name": "CVE-2025-21413",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21413"
},
{
"name": "CVE-2025-21334",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21334"
},
{
"name": "CVE-2025-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21296"
},
{
"name": "CVE-2025-21223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21223"
},
{
"name": "CVE-2025-21321",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21321"
},
{
"name": "CVE-2025-21331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21331"
},
{
"name": "CVE-2025-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21248"
},
{
"name": "CVE-2025-21278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21278"
},
{
"name": "CVE-2025-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21303"
},
{
"name": "CVE-2025-21326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21326"
},
{
"name": "CVE-2025-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21210"
},
{
"name": "CVE-2025-21218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21218"
},
{
"name": "CVE-2025-21251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21251"
},
{
"name": "CVE-2025-21372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21372"
},
{
"name": "CVE-2025-21323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21323"
},
{
"name": "CVE-2025-21240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21240"
},
{
"name": "CVE-2025-21317",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21317"
},
{
"name": "CVE-2025-21318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21318"
},
{
"name": "CVE-2025-21176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21176"
},
{
"name": "CVE-2025-21374",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21374"
},
{
"name": "CVE-2025-21389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21389"
},
{
"name": "CVE-2025-21263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21263"
},
{
"name": "CVE-2025-21315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21315"
},
{
"name": "CVE-2025-21319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21319"
},
{
"name": "CVE-2025-21280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21280"
},
{
"name": "CVE-2025-21298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21298"
},
{
"name": "CVE-2025-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21239"
},
{
"name": "CVE-2024-7344",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7344"
},
{
"name": "CVE-2025-21266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21266"
},
{
"name": "CVE-2025-21332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21332"
},
{
"name": "CVE-2025-21274",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21274"
},
{
"name": "CVE-2025-21249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21249"
},
{
"name": "CVE-2025-21189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21189"
},
{
"name": "CVE-2025-21301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21301"
},
{
"name": "CVE-2025-21309",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21309"
},
{
"name": "CVE-2025-21268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21268"
},
{
"name": "CVE-2025-21310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21310"
},
{
"name": "CVE-2025-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21290"
},
{
"name": "CVE-2025-21287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21287"
},
{
"name": "CVE-2025-21234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21234"
},
{
"name": "CVE-2025-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21417"
},
{
"name": "CVE-2025-21171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21171"
},
{
"name": "CVE-2025-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21293"
},
{
"name": "CVE-2025-21275",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21275"
},
{
"name": "CVE-2025-21225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21225"
},
{
"name": "CVE-2025-21244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21244"
},
{
"name": "CVE-2025-21228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21228"
},
{
"name": "CVE-2025-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21271"
},
{
"name": "CVE-2025-21307",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21307"
},
{
"name": "CVE-2025-21316",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21316"
},
{
"name": "CVE-2025-21255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21255"
},
{
"name": "CVE-2025-21378",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21378"
},
{
"name": "CVE-2025-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21299"
},
{
"name": "CVE-2025-21330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21330"
},
{
"name": "CVE-2025-21224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21224"
},
{
"name": "CVE-2025-21211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21211"
},
{
"name": "CVE-2025-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21235"
},
{
"name": "CVE-2025-21277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21277"
},
{
"name": "CVE-2025-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21270"
},
{
"name": "CVE-2025-21339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21339"
},
{
"name": "CVE-2025-21333",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21333"
},
{
"name": "CVE-2025-21257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21257"
},
{
"name": "CVE-2025-21370",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21370"
},
{
"name": "CVE-2025-21227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21227"
},
{
"name": "CVE-2025-21324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21324"
},
{
"name": "CVE-2025-21256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21256"
},
{
"name": "CVE-2025-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21304"
},
{
"name": "CVE-2025-21215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21215"
},
{
"name": "CVE-2025-21327",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21327"
},
{
"name": "CVE-2025-21236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21236"
},
{
"name": "CVE-2025-21202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21202"
},
{
"name": "CVE-2025-21214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21214"
},
{
"name": "CVE-2025-21273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21273"
},
{
"name": "CVE-2025-21311",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21311"
},
{
"name": "CVE-2025-21243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21243"
},
{
"name": "CVE-2025-21297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21297"
},
{
"name": "CVE-2025-21213",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21213"
},
{
"name": "CVE-2025-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21291"
},
{
"name": "CVE-2025-21276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21276"
},
{
"name": "CVE-2025-21260",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21260"
},
{
"name": "CVE-2025-21320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21320"
},
{
"name": "CVE-2025-21258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21258"
},
{
"name": "CVE-2025-21411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21411"
},
{
"name": "CVE-2025-21292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21292"
},
{
"name": "CVE-2025-21281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21281"
},
{
"name": "CVE-2025-21238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21238"
},
{
"name": "CVE-2025-21284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21284"
},
{
"name": "CVE-2025-21229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21229"
},
{
"name": "CVE-2025-21306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21306"
},
{
"name": "CVE-2025-21336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21336"
},
{
"name": "CVE-2025-21338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21338"
},
{
"name": "CVE-2025-21313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21313"
},
{
"name": "CVE-2025-21343",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21343"
},
{
"name": "CVE-2025-21329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21329"
},
{
"name": "CVE-2025-21335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21335"
},
{
"name": "CVE-2025-21302",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21302"
},
{
"name": "CVE-2025-21314",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21314"
},
{
"name": "CVE-2025-21207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21207"
},
{
"name": "CVE-2025-21289",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21289"
},
{
"name": "CVE-2025-21272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21272"
},
{
"name": "CVE-2025-21288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21288"
},
{
"name": "CVE-2025-21246",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21246"
},
{
"name": "CVE-2025-21193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21193"
},
{
"name": "CVE-2025-21219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21219"
},
{
"name": "CVE-2025-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21409"
},
{
"name": "CVE-2025-21252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21252"
},
{
"name": "CVE-2025-21269",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21269"
},
{
"name": "CVE-2025-21382",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21382"
},
{
"name": "CVE-2025-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21282"
},
{
"name": "CVE-2025-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21294"
},
{
"name": "CVE-2025-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21217"
},
{
"name": "CVE-2025-21237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21237"
},
{
"name": "CVE-2025-21328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21328"
},
{
"name": "CVE-2025-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21305"
},
{
"name": "CVE-2025-21233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21233"
},
{
"name": "CVE-2025-21286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21286"
},
{
"name": "CVE-2025-21261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21261"
},
{
"name": "CVE-2025-21300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21300"
},
{
"name": "CVE-2025-21232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21232"
},
{
"name": "CVE-2025-21172",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21172"
},
{
"name": "CVE-2025-21226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21226"
},
{
"name": "CVE-2025-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21295"
},
{
"name": "CVE-2025-21250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21250"
},
{
"name": "CVE-2025-21230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21230"
},
{
"name": "CVE-2025-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21340"
},
{
"name": "CVE-2025-21265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21265"
},
{
"name": "CVE-2025-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21341"
},
{
"name": "CVE-2025-21241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21241"
},
{
"name": "CVE-2025-21312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21312"
},
{
"name": "CVE-2025-21308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21308"
}
],
"initial_release_date": "2025-01-15T00:00:00",
"last_revision_date": "2025-01-15T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0039",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Windows. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nMicrosoft indique que les vuln\u00e9rabilit\u00e9s CVE-2025-21333, CVE-2025-21334 et CVE-2025-21335 sont activement exploit\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21249",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21249"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21244",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21244"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21300",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21300"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21276",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21276"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21340",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21340"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21189",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21189"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21287",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21287"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21277",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21277"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21382",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21382"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21248",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21248"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21295",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21295"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21310",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21310"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21246",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21246"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21255",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21255"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21218",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21218"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21294",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21294"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21250",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21250"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21321",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21321"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21305",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21305"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21220",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21220"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21260",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21260"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21338",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21338"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21214",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21214"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21223",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21223"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21171",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21171"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21372",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21372"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21304",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21304"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21241",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21241"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21252",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21252"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21327",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21327"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21299",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21299"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21323",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21323"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21378",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21378"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21411",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21411"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21258",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21258"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21275",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21275"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21281",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21281"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21282",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21282"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21302",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21302"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21202",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21202"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21314",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21314"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21239",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21239"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21224",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21224"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21290",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21290"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21228",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21228"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21242",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21242"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-7344",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-7344"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21176",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21176"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21225",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21225"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21284",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21284"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21330",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21330"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21318",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21318"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21409",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21409"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21331",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21331"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21232",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21232"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21263",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21263"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21272",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21272"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21413",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21413"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21293",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21293"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21193",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21193"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21236",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21236"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21296",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21296"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21234",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21234"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21341",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21341"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21285",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21285"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21213",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21213"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21243",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21243"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21308",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21308"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21312",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21312"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21245",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21245"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21233",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21233"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21251",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21251"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21207",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21207"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21227",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21227"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21237",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21237"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21215",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21215"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21374",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21374"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21315",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21315"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21333",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21333"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21339",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21339"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21326",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21326"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21269",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21269"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21288",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21288"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21343",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21343"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21257",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21257"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21271",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21271"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21306",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21306"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21389",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21389"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21370",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21370"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21291",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21291"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21270",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21270"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21229",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21229"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21266",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21266"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21324",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21324"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21238",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21238"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21289",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21289"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21301",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21301"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21311",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21311"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21336",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21336"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21217",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21217"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21317",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21317"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21329",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21329"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21332",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21332"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21273",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21273"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21256",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21256"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21328",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21328"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21230",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21230"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21335",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21335"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21231",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21231"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21240",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21240"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21292",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21292"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21334",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21334"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21226",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21226"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21261",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21261"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21297",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21297"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21319",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21319"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21303",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21303"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21417",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21417"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21235",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21235"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21274",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21274"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21211",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21211"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21210",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21210"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21320",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21320"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21313",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21313"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21172",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21172"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21219",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21219"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21268",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21268"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21307",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21307"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21286",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21286"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21278",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21278"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21280",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21280"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21298",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21316",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21316"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21265",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21265"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-21309",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21309"
}
]
}
FKIE_CVE-2025-21298
Vulnerability from fkie_nvd - Published: 2025-01-14 18:15 - Updated: 2025-01-24 21:48
Severity ?
Summary
Windows OLE Remote Code Execution Vulnerability
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_10_1507 | * | |
| microsoft | windows_10_1507 | * | |
| microsoft | windows_10_1607 | * | |
| microsoft | windows_10_1607 | * | |
| microsoft | windows_10_1809 | * | |
| microsoft | windows_10_1809 | * | |
| microsoft | windows_10_21h2 | * | |
| microsoft | windows_10_22h2 | * | |
| microsoft | windows_11_22h2 | * | |
| microsoft | windows_11_23h2 | * | |
| microsoft | windows_11_24h2 | * | |
| microsoft | windows_server_2008 | - | |
| microsoft | windows_server_2008 | r2 | |
| microsoft | windows_server_2012 | - | |
| microsoft | windows_server_2012 | r2 | |
| microsoft | windows_server_2016 | * | |
| microsoft | windows_server_2019 | * | |
| microsoft | windows_server_2022 | * | |
| microsoft | windows_server_2022_23h2 | * | |
| microsoft | windows_server_2025 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5C2C390-24E9-42C9-84BF-EE28670CAB30",
"versionEndExcluding": "10.0.10240.20890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "C0B9C790-A26D-4EBD-B5CA-F0C628835A21",
"versionEndExcluding": "10.0.10240.20890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "DE0F44E5-40C1-4BE3-BBA4-507564182682",
"versionEndExcluding": "10.0.14393.7699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "83F40BB6-BBAE-4CD4-A5FE-1DAF690101AB",
"versionEndExcluding": "10.0.14393.7699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "1BB028F9-A802-40C7-97BF-1D169291678F",
"versionEndExcluding": "10.0.17763.6775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "9F077951-8177-4FEE-A49A-76E51AE48CE0",
"versionEndExcluding": "10.0.17763.6775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D64D2C7-51C3-47EB-B86E-75172846F4DF",
"versionEndExcluding": "10.0.19044.5371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC92CC57-B18C-43C3-8180-9A2108407433",
"versionEndExcluding": "10.0.19045.5371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D84EDF98-16E1-412A-9879-2C2FEF87FB2B",
"versionEndExcluding": "10.0.22621.4751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "282E3839-E953-4B14-A860-DBACC1E99AFF",
"versionEndExcluding": "10.0.22631.4751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78A3F671-95DC-442A-A511-1E875DF93546",
"versionEndExcluding": "10.0.26100.2894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4426DD-B748-4CC4-AC68-88AD963E5F0C",
"versionEndExcluding": "10.0.14393.7699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F604C79-6A12-44C9-B69D-A2E323641079",
"versionEndExcluding": "10.0.17763.6775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8C9C82-359E-4318-A10D-AA47CDFB38FE",
"versionEndExcluding": "10.0.20348.3091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3E0C061-2DA7-4237-9607-F6792DC92DD3",
"versionEndExcluding": "10.0.25398.1369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "2CFD18D5-3C1F-4E3A-A143-EE3F1FFBB880",
"versionEndExcluding": "10.0.26100.2894",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Windows OLE Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Windows OLE"
}
],
"id": "CVE-2025-21298",
"lastModified": "2025-01-24T21:48:49.880",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2025-01-14T18:15:52.080",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
WID-SEC-W-2025-0091
Vulnerability from csaf_certbund - Published: 2025-01-14 23:00 - Updated: 2025-03-25 23:00Summary
Microsoft Windows: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Windows ist ein Betriebssystem von Microsoft.
Angriff: Ein Angreifer kann mehrere Schwachstellen in verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Spoofing-Angriff durchzuführen, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme: - Appliance
- Windows
References
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Windows ist ein Betriebssystem von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Spoofing-Angriff durchzuf\u00fchren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0091 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0091.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0091 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0091"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-301 vom 2025-03-25",
"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2025/01.html"
}
],
"source_lang": "en-US",
"title": "Microsoft Windows: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-03-25T23:00:00.000+00:00",
"generator": {
"date": "2025-03-26T09:08:12.558+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0091",
"initial_release_date": "2025-01-14T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-15T23:00:00.000+00:00",
"number": "2",
"summary": "Titel angepasst"
},
{
"date": "2025-01-19T23:00:00.000+00:00",
"number": "3",
"summary": "Zusammenfassung allgemeiner gefasst"
},
{
"date": "2025-01-23T23:00:00.000+00:00",
"number": "4",
"summary": "PoC aufgenommen"
},
{
"date": "2025-02-23T23:00:00.000+00:00",
"number": "5",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2025-03-24T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2025-03-25T23:00:00.000+00:00",
"number": "7",
"summary": "Produktauswahl Hitachi korrigiert"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Virtual Storage Platform",
"product": {
"name": "Hitachi Virtual Storage Platform",
"product_id": "T011055",
"product_identification_helper": {
"cpe": "cpe:/h:hitachi:virtual_storage_platform:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows 10",
"product": {
"name": "Microsoft Windows 10",
"product_id": "T040301",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:-"
}
}
},
{
"category": "product_version",
"name": "Version 1607",
"product": {
"name": "Microsoft Windows 10 Version 1607",
"product_id": "T040303",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1607"
}
}
},
{
"category": "product_version",
"name": "Version 1809",
"product": {
"name": "Microsoft Windows 10 Version 1809",
"product_id": "T040304",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1809"
}
}
},
{
"category": "product_version",
"name": "Version 21H2",
"product": {
"name": "Microsoft Windows 10 Version 21H2",
"product_id": "T040307",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_21h2"
}
}
},
{
"category": "product_version",
"name": "Version 22H2",
"product": {
"name": "Microsoft Windows 10 Version 22H2",
"product_id": "T040309",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_22h2"
}
}
}
],
"category": "product_name",
"name": "Windows 10"
},
{
"branches": [
{
"category": "product_version",
"name": "Version 22H2",
"product": {
"name": "Microsoft Windows 11 Version 22H2",
"product_id": "T040308",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_22h2"
}
}
},
{
"category": "product_version",
"name": "Version 23H2",
"product": {
"name": "Microsoft Windows 11 Version 23H2",
"product_id": "T040310",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_23h2"
}
}
},
{
"category": "product_version",
"name": "Version 24H2",
"product": {
"name": "Microsoft Windows 11 Version 24H2",
"product_id": "T040312",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_24h2"
}
}
}
],
"category": "product_name",
"name": "Windows 11"
},
{
"branches": [
{
"category": "product_version",
"name": "2008 R2 SP1",
"product": {
"name": "Microsoft Windows Server 2008 R2 SP1",
"product_id": "T040297",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2008_r2_sp1"
}
}
},
{
"category": "product_version",
"name": "2008 SP2",
"product": {
"name": "Microsoft Windows Server 2008 SP2",
"product_id": "T040298",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2008_sp2"
}
}
},
{
"category": "product_version",
"name": "2025",
"product": {
"name": "Microsoft Windows Server 2025",
"product_id": "T040313",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2025"
}
}
}
],
"category": "product_name",
"name": "Windows Server"
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012",
"product": {
"name": "Microsoft Windows Server 2012",
"product_id": "T040299",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012 R2",
"product": {
"name": "Microsoft Windows Server 2012 R2",
"product_id": "T040300",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012_r2:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2016",
"product": {
"name": "Microsoft Windows Server 2016",
"product_id": "T040302",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2016:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2019",
"product": {
"name": "Microsoft Windows Server 2019",
"product_id": "T040305",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2019:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows Server 2022",
"product": {
"name": "Microsoft Windows Server 2022",
"product_id": "T040306",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:-"
}
}
},
{
"category": "product_version",
"name": "23H2 Edition",
"product": {
"name": "Microsoft Windows Server 2022 23H2 Edition",
"product_id": "T040311",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:23h2_edition"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7344",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-7344"
},
{
"cve": "CVE-2025-21189",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21189"
},
{
"cve": "CVE-2025-21193",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21193"
},
{
"cve": "CVE-2025-21202",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21202"
},
{
"cve": "CVE-2025-21207",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21207"
},
{
"cve": "CVE-2025-21210",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21210"
},
{
"cve": "CVE-2025-21211",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21211"
},
{
"cve": "CVE-2025-21213",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21213"
},
{
"cve": "CVE-2025-21214",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21214"
},
{
"cve": "CVE-2025-21215",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21215"
},
{
"cve": "CVE-2025-21217",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21217"
},
{
"cve": "CVE-2025-21218",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21218"
},
{
"cve": "CVE-2025-21219",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21219"
},
{
"cve": "CVE-2025-21220",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21220"
},
{
"cve": "CVE-2025-21223",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21223"
},
{
"cve": "CVE-2025-21224",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21224"
},
{
"cve": "CVE-2025-21225",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21225"
},
{
"cve": "CVE-2025-21226",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21226"
},
{
"cve": "CVE-2025-21227",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21227"
},
{
"cve": "CVE-2025-21228",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21228"
},
{
"cve": "CVE-2025-21229",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21229"
},
{
"cve": "CVE-2025-21230",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21230"
},
{
"cve": "CVE-2025-21231",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21231"
},
{
"cve": "CVE-2025-21232",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21232"
},
{
"cve": "CVE-2025-21233",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21233"
},
{
"cve": "CVE-2025-21234",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21234"
},
{
"cve": "CVE-2025-21235",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21235"
},
{
"cve": "CVE-2025-21236",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21236"
},
{
"cve": "CVE-2025-21237",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21237"
},
{
"cve": "CVE-2025-21238",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21238"
},
{
"cve": "CVE-2025-21239",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21239"
},
{
"cve": "CVE-2025-21240",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21240"
},
{
"cve": "CVE-2025-21241",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21241"
},
{
"cve": "CVE-2025-21242",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21242"
},
{
"cve": "CVE-2025-21243",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21243"
},
{
"cve": "CVE-2025-21244",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21244"
},
{
"cve": "CVE-2025-21245",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21245"
},
{
"cve": "CVE-2025-21246",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21246"
},
{
"cve": "CVE-2025-21248",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21248"
},
{
"cve": "CVE-2025-21249",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21249"
},
{
"cve": "CVE-2025-21250",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21250"
},
{
"cve": "CVE-2025-21251",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21251"
},
{
"cve": "CVE-2025-21252",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21252"
},
{
"cve": "CVE-2025-21255",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21255"
},
{
"cve": "CVE-2025-21256",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21256"
},
{
"cve": "CVE-2025-21257",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21257"
},
{
"cve": "CVE-2025-21258",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21258"
},
{
"cve": "CVE-2025-21260",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21260"
},
{
"cve": "CVE-2025-21261",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21261"
},
{
"cve": "CVE-2025-21263",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21263"
},
{
"cve": "CVE-2025-21265",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21265"
},
{
"cve": "CVE-2025-21266",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21266"
},
{
"cve": "CVE-2025-21268",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21268"
},
{
"cve": "CVE-2025-21269",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21269"
},
{
"cve": "CVE-2025-21270",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21270"
},
{
"cve": "CVE-2025-21271",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21271"
},
{
"cve": "CVE-2025-21272",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21272"
},
{
"cve": "CVE-2025-21273",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21273"
},
{
"cve": "CVE-2025-21274",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21274"
},
{
"cve": "CVE-2025-21275",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21275"
},
{
"cve": "CVE-2025-21276",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21276"
},
{
"cve": "CVE-2025-21277",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21277"
},
{
"cve": "CVE-2025-21278",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21278"
},
{
"cve": "CVE-2025-21280",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21280"
},
{
"cve": "CVE-2025-21281",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21281"
},
{
"cve": "CVE-2025-21282",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21282"
},
{
"cve": "CVE-2025-21284",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21284"
},
{
"cve": "CVE-2025-21285",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21285"
},
{
"cve": "CVE-2025-21286",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21286"
},
{
"cve": "CVE-2025-21287",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21287"
},
{
"cve": "CVE-2025-21288",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21288"
},
{
"cve": "CVE-2025-21289",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21289"
},
{
"cve": "CVE-2025-21290",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21290"
},
{
"cve": "CVE-2025-21291",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21291"
},
{
"cve": "CVE-2025-21292",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21292"
},
{
"cve": "CVE-2025-21293",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21293"
},
{
"cve": "CVE-2025-21294",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21294"
},
{
"cve": "CVE-2025-21295",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21295"
},
{
"cve": "CVE-2025-21296",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21296"
},
{
"cve": "CVE-2025-21297",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21297"
},
{
"cve": "CVE-2025-21298",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21298"
},
{
"cve": "CVE-2025-21299",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21299"
},
{
"cve": "CVE-2025-21300",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21300"
},
{
"cve": "CVE-2025-21301",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21301"
},
{
"cve": "CVE-2025-21302",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21302"
},
{
"cve": "CVE-2025-21303",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21303"
},
{
"cve": "CVE-2025-21304",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21304"
},
{
"cve": "CVE-2025-21305",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21305"
},
{
"cve": "CVE-2025-21306",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21306"
},
{
"cve": "CVE-2025-21307",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21307"
},
{
"cve": "CVE-2025-21308",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21308"
},
{
"cve": "CVE-2025-21309",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21309"
},
{
"cve": "CVE-2025-21310",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21310"
},
{
"cve": "CVE-2025-21311",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21311"
},
{
"cve": "CVE-2025-21312",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21312"
},
{
"cve": "CVE-2025-21313",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21313"
},
{
"cve": "CVE-2025-21314",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21314"
},
{
"cve": "CVE-2025-21315",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21315"
},
{
"cve": "CVE-2025-21316",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21316"
},
{
"cve": "CVE-2025-21317",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21317"
},
{
"cve": "CVE-2025-21318",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21318"
},
{
"cve": "CVE-2025-21319",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21319"
},
{
"cve": "CVE-2025-21320",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21320"
},
{
"cve": "CVE-2025-21321",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21321"
},
{
"cve": "CVE-2025-21323",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21323"
},
{
"cve": "CVE-2025-21324",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21324"
},
{
"cve": "CVE-2025-21325",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21325"
},
{
"cve": "CVE-2025-21326",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21326"
},
{
"cve": "CVE-2025-21327",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21327"
},
{
"cve": "CVE-2025-21328",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21328"
},
{
"cve": "CVE-2025-21329",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21329"
},
{
"cve": "CVE-2025-21330",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21330"
},
{
"cve": "CVE-2025-21331",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21331"
},
{
"cve": "CVE-2025-21332",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21332"
},
{
"cve": "CVE-2025-21333",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21333"
},
{
"cve": "CVE-2025-21334",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21334"
},
{
"cve": "CVE-2025-21335",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21335"
},
{
"cve": "CVE-2025-21336",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21336"
},
{
"cve": "CVE-2025-21338",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21338"
},
{
"cve": "CVE-2025-21339",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21339"
},
{
"cve": "CVE-2025-21340",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21340"
},
{
"cve": "CVE-2025-21341",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21341"
},
{
"cve": "CVE-2025-21343",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21343"
},
{
"cve": "CVE-2025-21370",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21370"
},
{
"cve": "CVE-2025-21372",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21372"
},
{
"cve": "CVE-2025-21374",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21374"
},
{
"cve": "CVE-2025-21378",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21378"
},
{
"cve": "CVE-2025-21382",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21382"
},
{
"cve": "CVE-2025-21389",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21389"
},
{
"cve": "CVE-2025-21409",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21409"
},
{
"cve": "CVE-2025-21411",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21411"
},
{
"cve": "CVE-2025-21413",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21413"
},
{
"cve": "CVE-2025-21417",
"product_status": {
"known_affected": [
"T040309",
"T040308",
"T040307",
"T040306",
"T040305",
"T011055",
"T040304",
"T040303",
"T040302",
"T040313",
"T040301",
"T040312",
"T040300",
"T040311",
"T040299",
"T040310",
"T040298",
"T040297"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21417"
}
]
}
MSRC_CVE-2025-21298
Vulnerability from csaf_microsoft - Published: 2025-01-14 08:00 - Updated: 2025-01-22 08:00Summary
Windows OLE Remote Code Execution Vulnerability
Severity
Critical
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action: Required. The vulnerability documented by this CVE requires customer action to resolve.
9.8 (Critical)
Vendor Fix
10.0.17763.6775:Security Update:https://support.microsoft.com/help/5050008
https://support.microsoft.com/help/5050008
Vendor Fix
10.0.20348.3091:Security Update:https://support.microsoft.com/help/5049983
https://support.microsoft.com/help/5049983
Vendor Fix
10.0.19044.5371:Security Update:https://support.microsoft.com/help/5049981
https://support.microsoft.com/help/5049981
Vendor Fix
10.0.22621.4751:Security Update:https://support.microsoft.com/help/5050021
https://support.microsoft.com/help/5050021
Vendor Fix
10.0.19045.5371:Security Update:https://support.microsoft.com/help/5049981
https://support.microsoft.com/help/5049981
Vendor Fix
10.0.26100.2894:Security Update:https://support.microsoft.com/help/5050009
https://support.microsoft.com/help/5050009
Vendor Fix
10.0.22631.4751:Security Update:https://support.microsoft.com/help/5050021
https://support.microsoft.com/help/5050021
Vendor Fix
10.0.25398.1369:Security Update:https://support.microsoft.com/help/5049984
https://support.microsoft.com/help/5049984
Vendor Fix
10.0.10240.20890:Security Update:https://support.microsoft.com/help/5050013
https://support.microsoft.com/help/5050013
Vendor Fix
10.0.14393.7699:Security Update:https://support.microsoft.com/help/5049993
https://support.microsoft.com/help/5049993
Vendor Fix
6.0.6003.23070:Monthly Rollup:https://support.microsoft.com/help/5050063
https://support.microsoft.com/help/5050063
Vendor Fix
6.0.6003.23070:Security Only:https://support.microsoft.com/help/5050061
https://support.microsoft.com/help/5050061
Vendor Fix
6.1.7601.27520:Monthly Rollup:https://support.microsoft.com/help/5050049
https://support.microsoft.com/help/5050049
Vendor Fix
6.1.7601.27520:Security Only:https://support.microsoft.com/help/5050006
https://support.microsoft.com/help/5050006
Vendor Fix
6.2.9200.25273:Monthly Rollup:https://support.microsoft.com/help/5050004
https://support.microsoft.com/help/5050004
Vendor Fix
6.3.9600.22371:Monthly Rollup:https://support.microsoft.com/help/5050048
https://support.microsoft.com/help/5050048
References
| URL | Category | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Acknowledgments
<a href="https://twitter.com/thezdi">Jmini, Rotiple, D4m0n</a> with <a href="https://www.zerodayinitiative.com/">Trend Micro Zero Day Initiative</a>
{
"document": {
"acknowledgments": [
{
"names": [
"\u003ca href=\"https://twitter.com/thezdi\"\u003eJmini, Rotiple, D4m0n\u003c/a\u003e with \u003ca href=\"https://www.zerodayinitiative.com/\"\u003eTrend Micro Zero Day Initiative\u003c/a\u003e"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21298 Windows OLE Remote Code Execution Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298"
},
{
"category": "self",
"summary": "CVE-2025-21298 Windows OLE Remote Code Execution Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2025/msrc_cve-2025-21298.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Windows OLE Remote Code Execution Vulnerability",
"tracking": {
"current_release_date": "2025-01-22T08:00:00.000Z",
"generator": {
"date": "2026-01-06T16:32:40.784Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-21298",
"initial_release_date": "2025-01-14T08:00:00.000Z",
"revision_history": [
{
"date": "2025-01-14T08:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2025-01-22T08:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Corrected one or more links in the FAQ. This is an informational change only."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.6775",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems \u003c10.0.17763.6775",
"product_id": "21"
}
},
{
"category": "product_version",
"name": "10.0.17763.6775",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems 10.0.17763.6775",
"product_id": "11568"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.6775",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems \u003c10.0.17763.6775",
"product_id": "20"
}
},
{
"category": "product_version",
"name": "10.0.17763.6775",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems 10.0.17763.6775",
"product_id": "11569"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.6775",
"product": {
"name": "Windows Server 2019 \u003c10.0.17763.6775",
"product_id": "19"
}
},
{
"category": "product_version",
"name": "10.0.17763.6775",
"product": {
"name": "Windows Server 2019 10.0.17763.6775",
"product_id": "11571"
}
}
],
"category": "product_name",
"name": "Windows Server 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.6775",
"product": {
"name": "Windows Server 2019 (Server Core installation) \u003c10.0.17763.6775",
"product_id": "18"
}
},
{
"category": "product_version",
"name": "10.0.17763.6775",
"product": {
"name": "Windows Server 2019 (Server Core installation) 10.0.17763.6775",
"product_id": "11572"
}
}
],
"category": "product_name",
"name": "Windows Server 2019 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.3091",
"product": {
"name": "Windows Server 2022 \u003c10.0.20348.3091",
"product_id": "17"
}
},
{
"category": "product_version",
"name": "10.0.20348.3091",
"product": {
"name": "Windows Server 2022 10.0.20348.3091",
"product_id": "11923"
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.3091",
"product": {
"name": "Windows Server 2022 (Server Core installation) \u003c10.0.20348.3091",
"product_id": "16"
}
},
{
"category": "product_version",
"name": "10.0.20348.3091",
"product": {
"name": "Windows Server 2022 (Server Core installation) 10.0.20348.3091",
"product_id": "11924"
}
}
],
"category": "product_name",
"name": "Windows Server 2022 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.5371",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems \u003c10.0.19044.5371",
"product_id": "15"
}
},
{
"category": "product_version",
"name": "10.0.19044.5371",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems 10.0.19044.5371",
"product_id": "11929"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.5371",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems \u003c10.0.19044.5371",
"product_id": "14"
}
},
{
"category": "product_version",
"name": "10.0.19044.5371",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems 10.0.19044.5371",
"product_id": "11930"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.5371",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems \u003c10.0.19044.5371",
"product_id": "13"
}
},
{
"category": "product_version",
"name": "10.0.19044.5371",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems 10.0.19044.5371",
"product_id": "11931"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22621.4751",
"product": {
"name": "Windows 11 Version 22H2 for ARM64-based Systems \u003c10.0.22621.4751",
"product_id": "12"
}
},
{
"category": "product_version",
"name": "10.0.22621.4751",
"product": {
"name": "Windows 11 Version 22H2 for ARM64-based Systems 10.0.22621.4751",
"product_id": "12085"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22621.4751",
"product": {
"name": "Windows 11 Version 22H2 for x64-based Systems \u003c10.0.22621.4751",
"product_id": "11"
}
},
{
"category": "product_version",
"name": "10.0.22621.4751",
"product": {
"name": "Windows 11 Version 22H2 for x64-based Systems 10.0.22621.4751",
"product_id": "12086"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.5371",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems \u003c10.0.19045.5371",
"product_id": "10"
}
},
{
"category": "product_version",
"name": "10.0.19045.5371",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems 10.0.19045.5371",
"product_id": "12097"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.5371",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems \u003c10.0.19045.5371",
"product_id": "9"
}
},
{
"category": "product_version",
"name": "10.0.19045.5371",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.5371",
"product_id": "12098"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.5371",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems \u003c10.0.19045.5371",
"product_id": "8"
}
},
{
"category": "product_version",
"name": "10.0.19045.5371",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.5371",
"product_id": "12099"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.2894",
"product": {
"name": "Windows Server 2025 (Server Core installation) \u003c10.0.26100.2894",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "10.0.26100.2894",
"product": {
"name": "Windows Server 2025 (Server Core installation) 10.0.26100.2894",
"product_id": "12437"
}
}
],
"category": "product_name",
"name": "Windows Server 2025 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.4751",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems \u003c10.0.22631.4751",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "10.0.22631.4751",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems 10.0.22631.4751",
"product_id": "12242"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.4751",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems \u003c10.0.22631.4751",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "10.0.22631.4751",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems 10.0.22631.4751",
"product_id": "12243"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.25398.1369",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) \u003c10.0.25398.1369",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "10.0.25398.1369",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.1369",
"product_id": "12244"
}
}
],
"category": "product_name",
"name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.2894",
"product": {
"name": "Windows 11 Version 24H2 for ARM64-based Systems \u003c10.0.26100.2894",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "10.0.26100.2894",
"product": {
"name": "Windows 11 Version 24H2 for ARM64-based Systems 10.0.26100.2894",
"product_id": "12389"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.2894",
"product": {
"name": "Windows 11 Version 24H2 for x64-based Systems \u003c10.0.26100.2894",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "10.0.26100.2894",
"product": {
"name": "Windows 11 Version 24H2 for x64-based Systems 10.0.26100.2894",
"product_id": "12390"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.2894",
"product": {
"name": "Windows Server 2025 \u003c10.0.26100.2894",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "10.0.26100.2894",
"product": {
"name": "Windows Server 2025 10.0.26100.2894",
"product_id": "12436"
}
}
],
"category": "product_name",
"name": "Windows Server 2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.10240.20890",
"product": {
"name": "Windows 10 for 32-bit Systems \u003c10.0.10240.20890",
"product_id": "27"
}
},
{
"category": "product_version",
"name": "10.0.10240.20890",
"product": {
"name": "Windows 10 for 32-bit Systems 10.0.10240.20890",
"product_id": "10729"
}
}
],
"category": "product_name",
"name": "Windows 10 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.10240.20890",
"product": {
"name": "Windows 10 for x64-based Systems \u003c10.0.10240.20890",
"product_id": "26"
}
},
{
"category": "product_version",
"name": "10.0.10240.20890",
"product": {
"name": "Windows 10 for x64-based Systems 10.0.10240.20890",
"product_id": "10735"
}
}
],
"category": "product_name",
"name": "Windows 10 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.7699",
"product": {
"name": "Windows 10 Version 1607 for 32-bit Systems \u003c10.0.14393.7699",
"product_id": "24"
}
},
{
"category": "product_version",
"name": "10.0.14393.7699",
"product": {
"name": "Windows 10 Version 1607 for 32-bit Systems 10.0.14393.7699",
"product_id": "10852"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.7699",
"product": {
"name": "Windows 10 Version 1607 for x64-based Systems \u003c10.0.14393.7699",
"product_id": "23"
}
},
{
"category": "product_version",
"name": "10.0.14393.7699",
"product": {
"name": "Windows 10 Version 1607 for x64-based Systems 10.0.14393.7699",
"product_id": "10853"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.7699",
"product": {
"name": "Windows Server 2016 \u003c10.0.14393.7699",
"product_id": "25"
}
},
{
"category": "product_version",
"name": "10.0.14393.7699",
"product": {
"name": "Windows Server 2016 10.0.14393.7699",
"product_id": "10816"
}
}
],
"category": "product_name",
"name": "Windows Server 2016"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.7699",
"product": {
"name": "Windows Server 2016 (Server Core installation) \u003c10.0.14393.7699",
"product_id": "22"
}
},
{
"category": "product_version",
"name": "10.0.14393.7699",
"product": {
"name": "Windows Server 2016 (Server Core installation) 10.0.14393.7699",
"product_id": "10855"
}
}
],
"category": "product_name",
"name": "Windows Server 2016 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.6003.23070",
"product": {
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 \u003c6.0.6003.23070",
"product_id": "37"
}
},
{
"category": "product_version",
"name": "6.0.6003.23070",
"product": {
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 6.0.6003.23070",
"product_id": "9312"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.6003.23070",
"product": {
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \u003c6.0.6003.23070",
"product_id": "32"
}
},
{
"category": "product_version",
"name": "6.0.6003.23070",
"product": {
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 6.0.6003.23070",
"product_id": "10287"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.6003.23070",
"product": {
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 \u003c6.0.6003.23070",
"product_id": "36"
}
},
{
"category": "product_version",
"name": "6.0.6003.23070",
"product": {
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 6.0.6003.23070",
"product_id": "9318"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for x64-based Systems Service Pack 2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.6003.23070",
"product": {
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \u003c6.0.6003.23070",
"product_id": "35"
}
},
{
"category": "product_version",
"name": "6.0.6003.23070",
"product": {
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 6.0.6003.23070",
"product_id": "9344"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.7601.27520",
"product": {
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 \u003c6.1.7601.27520",
"product_id": "33"
}
},
{
"category": "product_version",
"name": "6.1.7601.27520",
"product": {
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 6.1.7601.27520",
"product_id": "10051"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.7601.27520",
"product": {
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \u003c6.1.7601.27520",
"product_id": "34"
}
},
{
"category": "product_version",
"name": "6.1.7601.27520",
"product": {
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 6.1.7601.27520",
"product_id": "10049"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.9200.25273",
"product": {
"name": "Windows Server 2012 \u003c6.2.9200.25273",
"product_id": "31"
}
},
{
"category": "product_version",
"name": "6.2.9200.25273",
"product": {
"name": "Windows Server 2012 6.2.9200.25273",
"product_id": "10378"
}
}
],
"category": "product_name",
"name": "Windows Server 2012"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.9200.25273",
"product": {
"name": "Windows Server 2012 (Server Core installation) \u003c6.2.9200.25273",
"product_id": "30"
}
},
{
"category": "product_version",
"name": "6.2.9200.25273",
"product": {
"name": "Windows Server 2012 (Server Core installation) 6.2.9200.25273",
"product_id": "10379"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.3.9600.22371",
"product": {
"name": "Windows Server 2012 R2 \u003c6.3.9600.22371",
"product_id": "29"
}
},
{
"category": "product_version",
"name": "6.3.9600.22371",
"product": {
"name": "Windows Server 2012 R2 6.3.9600.22371",
"product_id": "10483"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.3.9600.22371",
"product": {
"name": "Windows Server 2012 R2 (Server Core installation) \u003c6.3.9600.22371",
"product_id": "28"
}
},
{
"category": "product_version",
"name": "6.3.9600.22371",
"product": {
"name": "Windows Server 2012 R2 (Server Core installation) 6.3.9600.22371",
"product_id": "10543"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2 (Server Core installation)"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21298",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted email to the victim. Exploitation of the vulnerability might involve either a victim opening a specially crafted email with an affected version of Microsoft Outlook software, or a victim\u0027s Outlook application displaying a preview of a specially crafted email . This could result in the attacker executing remote code on the victim\u0027s machine.",
"title": "How could an attacker exploit the vulnerability?"
},
{
"category": "faq",
"text": "Object Linking and Embedding (OLE) is a technology that allows embedding and linking to documents and other objects. For more information please visit: Object Linking and Embedding (OLE) Data Structures.",
"title": "What is OLE?"
}
],
"product_status": {
"fixed": [
"9312",
"9318",
"9344",
"10049",
"10051",
"10287",
"10378",
"10379",
"10483",
"10543",
"10729",
"10735",
"10816",
"10852",
"10853",
"10855",
"11568",
"11569",
"11571",
"11572",
"11923",
"11924",
"11929",
"11930",
"11931",
"12085",
"12086",
"12097",
"12098",
"12099",
"12242",
"12243",
"12244",
"12389",
"12390",
"12436",
"12437"
],
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21298 Windows OLE Remote Code Execution Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298"
},
{
"category": "self",
"summary": "CVE-2025-21298 Windows OLE Remote Code Execution Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2025/msrc_cve-2025-21298.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.17763.6775:Security Update:https://support.microsoft.com/help/5050008",
"product_ids": [
"21",
"20",
"19",
"18"
],
"url": "https://support.microsoft.com/help/5050008"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.20348.3091:Security Update:https://support.microsoft.com/help/5049983",
"product_ids": [
"17",
"16"
],
"url": "https://support.microsoft.com/help/5049983"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.19044.5371:Security Update:https://support.microsoft.com/help/5049981",
"product_ids": [
"15",
"14",
"13"
],
"url": "https://support.microsoft.com/help/5049981"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.22621.4751:Security Update:https://support.microsoft.com/help/5050021",
"product_ids": [
"12",
"11"
],
"url": "https://support.microsoft.com/help/5050021"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.19045.5371:Security Update:https://support.microsoft.com/help/5049981",
"product_ids": [
"10",
"9",
"8"
],
"url": "https://support.microsoft.com/help/5049981"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.26100.2894:Security Update:https://support.microsoft.com/help/5050009",
"product_ids": [
"1",
"4",
"3",
"2"
],
"url": "https://support.microsoft.com/help/5050009"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.22631.4751:Security Update:https://support.microsoft.com/help/5050021",
"product_ids": [
"7",
"6"
],
"url": "https://support.microsoft.com/help/5050021"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.25398.1369:Security Update:https://support.microsoft.com/help/5049984",
"product_ids": [
"5"
],
"url": "https://support.microsoft.com/help/5049984"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.10240.20890:Security Update:https://support.microsoft.com/help/5050013",
"product_ids": [
"27",
"26"
],
"url": "https://support.microsoft.com/help/5050013"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "10.0.14393.7699:Security Update:https://support.microsoft.com/help/5049993",
"product_ids": [
"24",
"23",
"25",
"22"
],
"url": "https://support.microsoft.com/help/5049993"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "6.0.6003.23070:Monthly Rollup:https://support.microsoft.com/help/5050063",
"product_ids": [
"37",
"32",
"36",
"35"
],
"url": "https://support.microsoft.com/help/5050063"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "6.0.6003.23070:Security Only:https://support.microsoft.com/help/5050061",
"product_ids": [
"37",
"32",
"36",
"35"
],
"url": "https://support.microsoft.com/help/5050061"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "6.1.7601.27520:Monthly Rollup:https://support.microsoft.com/help/5050049",
"product_ids": [
"33",
"34"
],
"url": "https://support.microsoft.com/help/5050049"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "6.1.7601.27520:Security Only:https://support.microsoft.com/help/5050006",
"product_ids": [
"33",
"34"
],
"url": "https://support.microsoft.com/help/5050006"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "6.2.9200.25273:Monthly Rollup:https://support.microsoft.com/help/5050004",
"product_ids": [
"31",
"30"
],
"url": "https://support.microsoft.com/help/5050004"
},
{
"category": "vendor_fix",
"date": "2025-01-14T08:00:00.000Z",
"details": "6.3.9600.22371:Monthly Rollup:https://support.microsoft.com/help/5050048",
"product_ids": [
"29",
"28"
],
"url": "https://support.microsoft.com/help/5050048"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 8.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37"
]
}
],
"threats": [
{
"category": "impact",
"details": "Remote Code Execution"
},
{
"category": "exploit_status",
"details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely"
}
],
"title": "Windows OLE Remote Code Execution Vulnerability"
}
]
}
GHSA-F7P3-668R-J598
Vulnerability from github – Published: 2025-01-14 18:32 – Updated: 2025-01-14 18:32
VLAI?
Details
Windows OLE Remote Code Execution Vulnerability
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2025-21298"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T18:15:52Z",
"severity": "CRITICAL"
},
"details": "Windows OLE Remote Code Execution Vulnerability",
"id": "GHSA-f7p3-668r-j598",
"modified": "2025-01-14T18:32:04Z",
"published": "2025-01-14T18:32:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21298"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
BDU:2025-00539
Vulnerability from fstec - Published: 14.01.2025
VLAI Severity ?
Title
Уязвимость функции ole32.dll!UtOlePresStmToContentsStm компонента Windows OLE операционных систем Windows, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость функции ole32.dll!UtOlePresStmToContentsStm компонента Windows OLE операционных систем Windows связана с возможностью использования памяти после освобождения. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код
Severity ?
Vendor
Microsoft Corp
Software Name
Windows Server 2012, Windows Server 2012 R2, Windows Server 2008 R2 Service Pack 1, Windows 10, Windows Server 2008 R2 Service Pack 2, Windows 10 1607, Windows Server 2016, Windows Server 2012 R2 (Server Core installation), Windows Server 2016 (Server Core installation), Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows 10 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2008 R2 Service Pack 2 (Server Core installation), Windows 10 21H1, Windows Server 2022, Windows Server 2022 (Server Core installation), Windows 11 22H2, Windows 10 22H2, Windows Server 2012 (Server Core installation), Windows 11 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 24H2, Windows Server 2025, Windows Server 2025 (Server Core installation)
Software Version
- (Windows Server 2012), - (Windows Server 2012 R2), - (Windows Server 2008 R2 Service Pack 1), - (Windows 10), - (Windows Server 2008 R2 Service Pack 2), - (Windows 10 1607), - (Windows Server 2016), - (Windows Server 2012 R2 (Server Core installation)), - (Windows Server 2016 (Server Core installation)), - (Windows Server 2008 R2 Service Pack 1 (Server Core installation)), - (Windows 10 1809), - (Windows Server 2019), - (Windows Server 2019 (Server Core installation)), - (Windows Server 2008 R2 Service Pack 2 (Server Core installation)), - (Windows 10 21H1), - (Windows Server 2022), - (Windows Server 2022 (Server Core installation)), - (Windows 11 22H2), - (Windows 10 22H2), - (Windows Server 2012 (Server Core installation)), - (Windows 11 23H2), - (Windows Server 2022, 23H2 Edition (Server Core installation)), - (Windows 11 24H2), - (Windows Server 2025), - (Windows Server 2025 (Server Core installation))
Possible Mitigations
Установка обновлений из доверенных источников. В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков.
Компенсирующие меры:
- использование средств межсетевого экранирования для ограничения удаленного доступа к уязвимому программному обеспечению;
- использование SIEM-систем для отслеживания попыток эксплуатации уязвимости.
- использование виртуальных частных сетей для организации удаленного доступа (VPN);
- ограничение доступа к устройствам из внешних сетей (Интернет).
Использование рекомендаций производителя:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298
Reference
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298
https://github.com/ynwarcs/CVE-2025-21298
https://github.com/Arkha-Corvus/LetsDefend-SOC336-Windows-OLE-Zero-Click-RCE-Exploitation-Detected-CVE-2025-21298-
CWE
CWE-416
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Windows Server 2012), - (Windows Server 2012 R2), - (Windows Server 2008 R2 Service Pack 1), - (Windows 10), - (Windows Server 2008 R2 Service Pack 2), - (Windows 10 1607), - (Windows Server 2016), - (Windows Server 2012 R2 (Server Core installation)), - (Windows Server 2016 (Server Core installation)), - (Windows Server 2008 R2 Service Pack 1 (Server Core installation)), - (Windows 10 1809), - (Windows Server 2019), - (Windows Server 2019 (Server Core installation)), - (Windows Server 2008 R2 Service Pack 2 (Server Core installation)), - (Windows 10 21H1), - (Windows Server 2022), - (Windows Server 2022 (Server Core installation)), - (Windows 11 22H2), - (Windows 10 22H2), - (Windows Server 2012 (Server Core installation)), - (Windows 11 23H2), - (Windows Server 2022, 23H2 Edition (Server Core installation)), - (Windows 11 24H2), - (Windows Server 2025), - (Windows Server 2025 (Server Core installation))",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432. \n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 SIEM-\u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (VPN);\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442).\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.01.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "14.10.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.01.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-00539",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-21298",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Windows Server 2012, Windows Server 2012 R2, Windows Server 2008 R2 Service Pack 1, Windows 10, Windows Server 2008 R2 Service Pack 2, Windows 10 1607, Windows Server 2016, Windows Server 2012 R2 (Server Core installation), Windows Server 2016 (Server Core installation), Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows 10 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2008 R2 Service Pack 2 (Server Core installation), Windows 10 21H1, Windows Server 2022, Windows Server 2022 (Server Core installation), Windows 11 22H2, Windows 10 22H2, Windows Server 2012 (Server Core installation), Windows 11 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 24H2, Windows Server 2025, Windows Server 2025 (Server Core installation)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows Server 2012 - , Microsoft Corp Windows Server 2012 R2 - , Microsoft Corp Windows Server 2008 R2 Service Pack 1 - 64-bit, Microsoft Corp Windows 10 - 64-bit, Microsoft Corp Windows 10 - 32-bit, Microsoft Corp Windows Server 2008 R2 Service Pack 2 - 32-bit, Microsoft Corp Windows Server 2008 R2 Service Pack 2 - 64-bit, Microsoft Corp Windows 10 1607 - 64-bit, Microsoft Corp Windows 10 1607 - 32-bit, Microsoft Corp Windows Server 2016 - , Microsoft Corp Windows Server 2012 R2 (Server Core installation) - , Microsoft Corp Windows Server 2016 (Server Core installation) - , Microsoft Corp Windows Server 2008 R2 Service Pack 1 (Server Core installation) - 64-bit, Microsoft Corp Windows 10 1809 - 64-bit, Microsoft Corp Windows 10 1809 - 32-bit, Microsoft Corp Windows Server 2019 - , Microsoft Corp Windows Server 2019 (Server Core installation) - , Microsoft Corp Windows Server 2008 R2 Service Pack 2 (Server Core installation) - 64-bit, Microsoft Corp Windows 10 21H1 - 32-bit, Microsoft Corp Windows 10 21H1 - 64-bit, Microsoft Corp Windows 10 21H1 - ARM64, Microsoft Corp Windows Server 2022 - , Microsoft Corp Windows Server 2022 (Server Core installation) - , Microsoft Corp Windows 11 22H2 - 64-bit, Microsoft Corp Windows 11 22H2 - ARM64, Microsoft Corp Windows 10 22H2 - 64-bit, Microsoft Corp Windows 10 22H2 - ARM64, Microsoft Corp Windows 10 22H2 - 32-bit, Microsoft Corp Windows Server 2008 R2 Service Pack 2 (Server Core installation) - 32-bit, Microsoft Corp Windows Server 2012 (Server Core installation) - , Microsoft Corp Windows 11 23H2 - 64-bit, Microsoft Corp Windows 11 23H2 - ARM64, Microsoft Corp Windows Server 2022, 23H2 Edition (Server Core installation) - , Microsoft Corp Windows 11 24H2 - 64-bit, Microsoft Corp Windows 11 24H2 - ARM64, Microsoft Corp Windows Server 2025 - , Microsoft Corp Windows Server 2025 (Server Core installation) - ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ole32.dll!UtOlePresStmToContentsStm \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Windows OLE \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ole32.dll!UtOlePresStmToContentsStm \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Windows OLE \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298\nhttps://github.com/ynwarcs/CVE-2025-21298\nhttps://github.com/Arkha-Corvus/LetsDefend-SOC336-Windows-OLE-Zero-Click-RCE-Exploitation-Detected-CVE-2025-21298-",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}
NCSC-2025-0010
Vulnerability from csaf_ncscnl - Published: 2025-01-14 19:09 - Updated: 2025-01-14 19:09Summary
Kwetsbaarheden verholpen in Microsoft Windows
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Microsoft heeft kwetsbaarheden verholpen in Windows.
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial of Service (DoS)
- Omzeilen van beveiligingsmaatregel
- Uitvoer van willekeurige code (Gebruikersrechten)
- Uitvoer van willekeurige code (Systeemrechten)
- Toegang tot gevoelige gegevens
- Verkrijgen van verhoogde rechten
- Spoofing
Van de kwetsbaarheid met kenmerk CVE-2025-21308 geeft Microsoft aan informatie te hebben dat de kwetsbaarheid besproken wordt op gesloten fora. Deze kwetsbaarheid bevindt zich in het Thema-systeem en stelt een kwaadwillende in staat om zich voor te doen als het slachtoffer en mogelijk code uit te voeren in de context van het slachtoffer. Succesvol misbruik is niet eenvoudig en vereist dat de kwaadwillende het slachtoffer misleidt een malafide bestand te openen en bewerken. Grootschalig actief misbruik is daarmee onwaarschijnlijk.
```
Windows Security Account Manager:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21313 | 6.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Web Threat Defense User Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21343 | 7.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Smart Card:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21312 | 2.40 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Microsoft Windows Search Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21292 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows WLAN Auto Config Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21257 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Remote Desktop Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21297 | 8.10 | Uitvoeren van willekeurige code |
| CVE-2025-21309 | 8.10 | Uitvoeren van willekeurige code |
| CVE-2025-21278 | 6.20 | Denial-of-Service |
| CVE-2025-21330 | 7.50 | Denial-of-Service |
| CVE-2025-21225 | 5.90 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Virtual Trusted Platform Module:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21210 | 4.20 | Toegang tot gevoelige gegevens |
| CVE-2025-21280 | 5.50 | Denial-of-Service |
| CVE-2025-21284 | 5.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Kernel Memory:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21316 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-21318 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-21319 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-21320 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-21321 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-21317 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-21323 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows NTLM:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21311 | 9.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Recovery Environment Agent:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21202 | 6.10 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Themes:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21308 | 6.50 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows Secure Boot:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2024-7344 | 6.70 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Geolocation Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21301 | 6.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Virtualization-Based Security (VBS) Enclave:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21370 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Boot Loader:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21211 | 6.80 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows UPnP Device Host:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21389 | 7.50 | Denial-of-Service |
| CVE-2025-21300 | 7.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Microsoft Brokering File System:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21315 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-21372 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Mark of the Web (MOTW):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21217 | 6.50 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows Connected Devices Platform Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21207 | 7.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Active Directory Federation Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21193 | 6.50 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Microsoft Graphics Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21382 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows OLE:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21298 | 9.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows SmartScreen:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21314 | 6.50 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Line Printer Daemon Service (LPD):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21224 | 8.10 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Direct Show:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21291 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Kerberos:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21242 | 5.90 | Toegang tot gevoelige gegevens |
| CVE-2025-21299 | 7.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-21218 | 7.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Installer:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21275 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-21287 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-21331 | 7.30 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Cryptographic Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21336 | 5.60 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Win32K - GRFX:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21338 | 7.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Digital Media:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21249 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21255 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21258 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21260 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21263 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21265 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21327 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21341 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21226 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21227 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21228 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21229 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21232 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21256 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21261 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21310 | 6.60 | Verkrijgen van verhoogde rechten |
| CVE-2025-21324 | 6.60 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows PrintWorkflowUserSvc:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21234 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-21235 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows MapUrlToZone:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21268 | 4.30 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-21269 | 4.30 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-21219 | 4.30 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-21329 | 4.30 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-21328 | 4.30 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-21189 | 4.30 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-21276 | 7.50 | Denial-of-Service |
| CVE-2025-21332 | 4.30 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Active Directory Domain Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21293 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows COM:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21272 | 6.50 | Toegang tot gevoelige gegevens |
| CVE-2025-21281 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-21288 | 6.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Event Tracing:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21274 | 5.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Hyper-V NT Kernel Integration VSP:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21335 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-21333 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-21334 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Client-Side Caching (CSC) Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21374 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-21378 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows SPNEGO Extended Negotiation:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21295 | 8.10 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Cloud Files Mini Filter Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21271 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
IP Helper:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21231 | 7.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Reliable Multicast Transport Driver (RMCAST):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21307 | 9.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Microsoft Digest Authentication:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21294 | 8.10 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows BitLocker:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21214 | 4.20 | Toegang tot gevoelige gegevens |
| CVE-2025-21213 | 4.60 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Internet Explorer:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21326 | 7.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Telephony Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21411 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21413 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21233 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21236 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21237 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21239 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21241 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21243 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21244 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21248 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21252 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21266 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21282 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21302 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21303 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21306 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21273 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21286 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21305 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21339 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21246 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21417 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21250 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21240 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21238 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21223 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21409 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-21245 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Message Queuing:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21251 | 7.50 | Denial-of-Service |
| CVE-2025-21270 | 7.50 | Denial-of-Service |
| CVE-2025-21277 | 7.50 | Denial-of-Service |
| CVE-2025-21285 | 7.50 | Denial-of-Service |
| CVE-2025-21289 | 7.50 | Denial-of-Service |
| CVE-2025-21290 | 7.50 | Denial-of-Service |
| CVE-2025-21220 | 7.50 | Toegang tot gevoelige gegevens |
| CVE-2025-21230 | 7.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows DWM Core Library:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21304 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Boot Manager:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21215 | 4.60 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Hello:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21340 | 5.50 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
BranchCache:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21296 | 7.50 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
```
Oplossingen: Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:
https://portal.msrc.microsoft.com/en-us/security-guidance
Kans: medium
Schade: high
CWE-591: Sensitive Data Storage in Improperly Locked Memory
CWE-636: Not Failing Securely ('Failing Open')
CWE-59: Improper Link Resolution Before File Access ('Link Following')
CWE-922: Insecure Storage of Sensitive Information
CWE-191: Integer Underflow (Wrap or Wraparound)
CWE-126: Buffer Over-read
CWE-303: Incorrect Implementation of Authentication Algorithm
CWE-41: Improper Resolution of Path Equivalence
CWE-415: Double Free
CWE-908: Use of Uninitialized Resource
CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CWE-833: Deadlock
CWE-190: Integer Overflow or Wraparound
CWE-693: Protection Mechanism Failure
CWE-532: Insertion of Sensitive Information into Log File
CWE-451: User Interface (UI) Misrepresentation of Critical Information
CWE-285: Improper Authorization
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125: Out-of-bounds Read
CWE-352: Cross-Site Request Forgery (CSRF)
CWE-284: Improper Access Control
CWE-416: Use After Free
CWE-476: NULL Pointer Dereference
CWE-94: Improper Control of Generation of Code ('Code Injection')
CWE-400: Uncontrolled Resource Consumption
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-122: Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-636
- Not Failing Securely ('Failing Open')
CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
CWE-125
- Out-of-bounds Read
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
CWE-190
- Integer Overflow or Wraparound
CWE-190
- Integer Overflow or Wraparound
CWE-122
- Heap-based Buffer Overflow
CWE-125
- Out-of-bounds Read
CWE-400
- Uncontrolled Resource Consumption
CWE-122
- Heap-based Buffer Overflow
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-122
- Heap-based Buffer Overflow
CWE-41
- Improper Resolution of Path Equivalence
CWE-41
- Improper Resolution of Path Equivalence
CWE-400
- Uncontrolled Resource Consumption
CWE-126
- Buffer Over-read
CWE-908
- Use of Uninitialized Resource
CWE-126
- Buffer Over-read
CWE-20
- Improper Input Validation
CWE-416
- Use After Free
CWE-122
- Heap-based Buffer Overflow
CWE-20
- Improper Input Validation
CWE-476
- NULL Pointer Dereference
CWE-908
- Use of Uninitialized Resource
CWE-400
- Uncontrolled Resource Consumption
CWE-400
- Uncontrolled Resource Consumption
CWE-415
- Double Free
CWE-284
- Improper Access Control
CWE-591
- Sensitive Data Storage in Improperly Locked Memory
CWE-416
- Use After Free
CWE-416
- Use After Free
9.8 (Critical)
CWE-922
- Insecure Storage of Sensitive Information
CWE-284
- Improper Access Control
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-416
- Use After Free
CWE-122
- Heap-based Buffer Overflow
CWE-451
- User Interface (UI) Misrepresentation of Critical Information
CWE-532
- Insertion of Sensitive Information into Log File
CWE-532
- Insertion of Sensitive Information into Log File
CWE-532
- Insertion of Sensitive Information into Log File
CWE-532
- Insertion of Sensitive Information into Log File
CWE-532
- Insertion of Sensitive Information into Log File
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-122
- Heap-based Buffer Overflow
CWE-41
- Improper Resolution of Path Equivalence
CWE-400
- Uncontrolled Resource Consumption
CWE-693
- Protection Mechanism Failure
CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-41
- Improper Resolution of Path Equivalence
CWE-41
- Improper Resolution of Path Equivalence
CWE-400
- Uncontrolled Resource Consumption
CWE-908
- Use of Uninitialized Resource
CWE-400
- Uncontrolled Resource Consumption
CWE-284
- Improper Access Control
CWE-693
- Protection Mechanism Failure
CWE-284
- Improper Access Control
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-400
- Uncontrolled Resource Consumption
CWE-400
- Uncontrolled Resource Consumption
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-125
- Out-of-bounds Read
CWE-41
- Improper Resolution of Path Equivalence
CWE-122
- Heap-based Buffer Overflow
CWE-59
- Improper Link Resolution Before File Access ('Link Following')
CWE-693
- Protection Mechanism Failure
CWE-122
- Heap-based Buffer Overflow
CWE-269
- Improper Privilege Management
CWE-94
- Improper Control of Generation of Code ('Code Injection')
CWE-400
- Uncontrolled Resource Consumption
CWE-122
- Heap-based Buffer Overflow
9.8 (Critical)
CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
CWE-125
- Out-of-bounds Read
CWE-908
- Use of Uninitialized Resource
CWE-532
- Insertion of Sensitive Information into Log File
CWE-125
- Out-of-bounds Read
CWE-59
- Improper Link Resolution Before File Access ('Link Following')
CWE-190
- Integer Overflow or Wraparound
CWE-122
- Heap-based Buffer Overflow
CWE-284
- Improper Access Control
CWE-125
- Out-of-bounds Read
CWE-122
- Heap-based Buffer Overflow
CWE-41
- Improper Resolution of Path Equivalence
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-122
- Heap-based Buffer Overflow
CWE-416
- Use After Free
CWE-591
- Sensitive Data Storage in Improperly Locked Memory
CWE-352
- Cross-Site Request Forgery (CSRF)
CWE-843
- Access of Resource Using Incompatible Type ('Type Confusion')
CWE-400
- Uncontrolled Resource Consumption
CWE-20
- Improper Input Validation
CWE-20
- Improper Input Validation
CWE-591
- Sensitive Data Storage in Improperly Locked Memory
CWE-285
- Improper Authorization
CWE-532
- Insertion of Sensitive Information into Log File
CWE-416
- Use After Free
CWE-122
- Heap-based Buffer Overflow
CWE-416
- Use After Free
CWE-269
- Improper Privilege Management
CWE-20
- Improper Input Validation
CWE-416
- Use After Free
CWE-416
- Use After Free
CWE-833
- Deadlock
CWE-843
- Access of Resource Using Incompatible Type ('Type Confusion')
9.8 (Critical)
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Microsoft heeft kwetsbaarheden verholpen in Windows.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial of Service (DoS)\n- Omzeilen van beveiligingsmaatregel\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Systeemrechten)\n- Toegang tot gevoelige gegevens\n- Verkrijgen van verhoogde rechten\n- Spoofing\n\nVan de kwetsbaarheid met kenmerk CVE-2025-21308 geeft Microsoft aan informatie te hebben dat de kwetsbaarheid besproken wordt op gesloten fora. Deze kwetsbaarheid bevindt zich in het Thema-systeem en stelt een kwaadwillende in staat om zich voor te doen als het slachtoffer en mogelijk code uit te voeren in de context van het slachtoffer. Succesvol misbruik is niet eenvoudig en vereist dat de kwaadwillende het slachtoffer misleidt een malafide bestand te openen en bewerken. Grootschalig actief misbruik is daarmee onwaarschijnlijk. \n\n```\n\nWindows Security Account Manager: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21313 | 6.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Web Threat Defense User Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21343 | 7.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Smart Card: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21312 | 2.40 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows Search Component: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21292 | 8.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows WLAN Auto Config Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21257 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21297 | 8.10 | Uitvoeren van willekeurige code | \n| CVE-2025-21309 | 8.10 | Uitvoeren van willekeurige code | \n| CVE-2025-21278 | 6.20 | Denial-of-Service | \n| CVE-2025-21330 | 7.50 | Denial-of-Service | \n| CVE-2025-21225 | 5.90 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Virtual Trusted Platform Module: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21210 | 4.20 | Toegang tot gevoelige gegevens | \n| CVE-2025-21280 | 5.50 | Denial-of-Service | \n| CVE-2025-21284 | 5.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Kernel Memory: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21316 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21318 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21319 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21320 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21321 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21317 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21323 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows NTLM: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21311 | 9.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Recovery Environment Agent: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21202 | 6.10 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Themes: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21308 | 6.50 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows Secure Boot: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-7344 | 6.70 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Geolocation Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21301 | 6.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Virtualization-Based Security (VBS) Enclave: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21370 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Boot Loader: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21211 | 6.80 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows UPnP Device Host: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21389 | 7.50 | Denial-of-Service | \n| CVE-2025-21300 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nMicrosoft Brokering File System: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21315 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21372 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Mark of the Web (MOTW): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21217 | 6.50 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows Connected Devices Platform Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21207 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nActive Directory Federation Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21193 | 6.50 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nMicrosoft Graphics Component: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21382 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows OLE: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21298 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows SmartScreen: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21314 | 6.50 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nLine Printer Daemon Service (LPD): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21224 | 8.10 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Direct Show: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21291 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Kerberos: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21242 | 5.90 | Toegang tot gevoelige gegevens | \n| CVE-2025-21299 | 7.10 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-21218 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Installer: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21275 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21287 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21331 | 7.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Cryptographic Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21336 | 5.60 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21338 | 7.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Digital Media: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21249 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21255 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21258 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21260 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21263 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21265 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21327 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21341 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21226 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21227 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21228 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21229 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21232 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21256 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21261 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21310 | 6.60 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21324 | 6.60 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows PrintWorkflowUserSvc: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21234 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21235 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows MapUrlToZone: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21268 | 4.30 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-21269 | 4.30 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-21219 | 4.30 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-21329 | 4.30 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-21328 | 4.30 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-21189 | 4.30 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-21276 | 7.50 | Denial-of-Service | \n| CVE-2025-21332 | 4.30 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nActive Directory Domain Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21293 | 8.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows COM: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21272 | 6.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21281 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21288 | 6.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Event Tracing: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21274 | 5.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Hyper-V NT Kernel Integration VSP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21335 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21333 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-21334 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Client-Side Caching (CSC) Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21374 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21378 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows SPNEGO Extended Negotiation: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21295 | 8.10 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Cloud Files Mini Filter Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21271 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nIP Helper: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21231 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nReliable Multicast Transport Driver (RMCAST): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21307 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nMicrosoft Digest Authentication: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21294 | 8.10 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows BitLocker: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21214 | 4.20 | Toegang tot gevoelige gegevens | \n| CVE-2025-21213 | 4.60 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nInternet Explorer: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21326 | 7.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Telephony Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21411 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21413 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21233 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21236 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21237 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21239 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21241 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21243 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21244 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21248 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21252 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21266 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21282 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21302 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21303 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21306 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21273 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21286 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21305 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21339 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21246 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21417 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21250 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21240 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21238 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21223 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21409 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21245 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Message Queuing: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21251 | 7.50 | Denial-of-Service | \n| CVE-2025-21270 | 7.50 | Denial-of-Service | \n| CVE-2025-21277 | 7.50 | Denial-of-Service | \n| CVE-2025-21285 | 7.50 | Denial-of-Service | \n| CVE-2025-21289 | 7.50 | Denial-of-Service | \n| CVE-2025-21290 | 7.50 | Denial-of-Service | \n| CVE-2025-21220 | 7.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21230 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21304 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Boot Manager: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21215 | 4.60 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Hello: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21340 | 5.50 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nBranchCache: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21296 | 7.50 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\n\n```",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
},
{
"category": "general",
"text": "Not Failing Securely (\u0027Failing Open\u0027)",
"title": "CWE-636"
},
{
"category": "general",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "general",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
},
{
"category": "general",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "general",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "general",
"text": "Incorrect Implementation of Authentication Algorithm",
"title": "CWE-303"
},
{
"category": "general",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Deadlock",
"title": "CWE-833"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "general",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
},
{
"category": "general",
"text": "User Interface (UI) Misrepresentation of Critical Information",
"title": "CWE-451"
},
{
"category": "general",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"title": "Kwetsbaarheden verholpen in Microsoft Windows",
"tracking": {
"current_release_date": "2025-01-14T19:09:24.429168Z",
"id": "NCSC-2025-0010",
"initial_release_date": "2025-01-14T19:09:24.429168Z",
"revision_history": [
{
"date": "2025-01-14T19:09:24.429168Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "windows_10_version_1507",
"product": {
"name": "windows_10_version_1507",
"product_id": "CSAFPID-1723936",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_10_version_1507:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_10_version_1607",
"product": {
"name": "windows_10_version_1607",
"product_id": "CSAFPID-1723937",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_10_version_1607:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_10_version_1809",
"product": {
"name": "windows_10_version_1809",
"product_id": "CSAFPID-1720442",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_10_version_1809:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_10_version_21h2",
"product": {
"name": "windows_10_version_21h2",
"product_id": "CSAFPID-1741366",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_10_version_21h2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_10_version_22h2",
"product": {
"name": "windows_10_version_22h2",
"product_id": "CSAFPID-1741368",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_10_version_22h2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_11_version_22h2",
"product": {
"name": "windows_11_version_22h2",
"product_id": "CSAFPID-1741367",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_11_version_22h2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_11_version_22h3",
"product": {
"name": "windows_11_version_22h3",
"product_id": "CSAFPID-1741369",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_11_version_22h3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_11_version_23h2",
"product": {
"name": "windows_11_version_23h2",
"product_id": "CSAFPID-1741370",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_11_version_23h2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_11_version_24h2",
"product": {
"name": "windows_11_version_24h2",
"product_id": "CSAFPID-1741371",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_11_version_24h2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2008__service_pack_2",
"product": {
"name": "windows_server_2008__service_pack_2",
"product_id": "CSAFPID-1723943",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2008__service_pack_2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2008_r2_service_pack_1",
"product": {
"name": "windows_server_2008_r2_service_pack_1",
"product_id": "CSAFPID-1723944",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2008_r2_service_pack_1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2008_r2_service_pack_1__server_core_installation_",
"product": {
"name": "windows_server_2008_r2_service_pack_1__server_core_installation_",
"product_id": "CSAFPID-1723945",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2008_r2_service_pack_1__server_core_installation_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2008_service_pack_2",
"product": {
"name": "windows_server_2008_service_pack_2",
"product_id": "CSAFPID-1723941",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2008_service_pack_2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2008_service_pack_2__server_core_installation_",
"product": {
"name": "windows_server_2008_service_pack_2__server_core_installation_",
"product_id": "CSAFPID-1723942",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2008_service_pack_2__server_core_installation_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2012",
"product": {
"name": "windows_server_2012",
"product_id": "CSAFPID-1717820",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2012:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2012__server_core_installation_",
"product": {
"name": "windows_server_2012__server_core_installation_",
"product_id": "CSAFPID-1717821",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2012__server_core_installation_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2012_r2",
"product": {
"name": "windows_server_2012_r2",
"product_id": "CSAFPID-1717822",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2012_r2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2012_r2__server_core_installation_",
"product": {
"name": "windows_server_2012_r2__server_core_installation_",
"product_id": "CSAFPID-1717823",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2012_r2__server_core_installation_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2016",
"product": {
"name": "windows_server_2016",
"product_id": "CSAFPID-1717812",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2016__server_core_installation_",
"product": {
"name": "windows_server_2016__server_core_installation_",
"product_id": "CSAFPID-1717813",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2016__server_core_installation_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2019",
"product": {
"name": "windows_server_2019",
"product_id": "CSAFPID-1717808",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2019__server_core_installation_",
"product": {
"name": "windows_server_2019__server_core_installation_",
"product_id": "CSAFPID-1717809",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2019__server_core_installation_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2022",
"product": {
"name": "windows_server_2022",
"product_id": "CSAFPID-1717810",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2022:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2022__23h2_edition__server_core_installation_",
"product": {
"name": "windows_server_2022__23h2_edition__server_core_installation_",
"product_id": "CSAFPID-1741352",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2022__23h2_edition__server_core_installation_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2025",
"product": {
"name": "windows_server_2025",
"product_id": "CSAFPID-1741353",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2025:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "windows_server_2025__server_core_installation_",
"product": {
"name": "windows_server_2025__server_core_installation_",
"product_id": "CSAFPID-1741354",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_server_2025__server_core_installation_:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21411",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21411",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21411.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21411"
},
{
"cve": "CVE-2025-21413",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21413",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21413.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21413"
},
{
"cve": "CVE-2025-21210",
"cwe": {
"id": "CWE-636",
"name": "Not Failing Securely (\u0027Failing Open\u0027)"
},
"notes": [
{
"category": "other",
"text": "Not Failing Securely (\u0027Failing Open\u0027)",
"title": "CWE-636"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21210",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21210.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21210"
},
{
"cve": "CVE-2025-21214",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21214",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21214.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21214"
},
{
"cve": "CVE-2025-21215",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21215",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21215.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21215"
},
{
"cve": "CVE-2025-21233",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21233",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21233.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21233"
},
{
"cve": "CVE-2025-21236",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21236",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21236.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21236"
},
{
"cve": "CVE-2025-21237",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21237",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21237.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21237"
},
{
"cve": "CVE-2025-21239",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21239",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21239.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21239"
},
{
"cve": "CVE-2025-21241",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21241",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21241.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21241"
},
{
"cve": "CVE-2025-21242",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21242",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21242.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21242"
},
{
"cve": "CVE-2025-21243",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21243",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21243.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21243"
},
{
"cve": "CVE-2025-21244",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21244",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21244.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21244"
},
{
"cve": "CVE-2025-21248",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21248",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21248.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21248"
},
{
"cve": "CVE-2025-21249",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21249",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21249.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21249"
},
{
"cve": "CVE-2025-21251",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21251",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21251.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21251"
},
{
"cve": "CVE-2025-21252",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21252",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21252.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21252"
},
{
"cve": "CVE-2025-21255",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21255",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21255.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21255"
},
{
"cve": "CVE-2025-21257",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21257",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21257.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21257"
},
{
"cve": "CVE-2025-21258",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21258",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21258.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21258"
},
{
"cve": "CVE-2025-21260",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21260",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21260.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21260"
},
{
"cve": "CVE-2025-21263",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21263",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21263.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21263"
},
{
"cve": "CVE-2025-21265",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21265",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21265.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21265"
},
{
"cve": "CVE-2025-21266",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21266",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21266.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21266"
},
{
"cve": "CVE-2025-21268",
"cwe": {
"id": "CWE-41",
"name": "Improper Resolution of Path Equivalence"
},
"notes": [
{
"category": "other",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741354",
"CSAFPID-1741353",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21268",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21268.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741354",
"CSAFPID-1741353",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21268"
},
{
"cve": "CVE-2025-21269",
"cwe": {
"id": "CWE-41",
"name": "Improper Resolution of Path Equivalence"
},
"notes": [
{
"category": "other",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823",
"CSAFPID-1741353",
"CSAFPID-1741354"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21269",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21269.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823",
"CSAFPID-1741353",
"CSAFPID-1741354"
]
}
],
"title": "CVE-2025-21269"
},
{
"cve": "CVE-2025-21270",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21270",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21270.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21270"
},
{
"cve": "CVE-2025-21271",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741368"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21271",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21271.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741368"
]
}
],
"title": "CVE-2025-21271"
},
{
"cve": "CVE-2025-21272",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21272",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21272.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21272"
},
{
"cve": "CVE-2025-21277",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21277",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21277.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21277"
},
{
"cve": "CVE-2025-21280",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21280",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21280.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21280"
},
{
"cve": "CVE-2025-21281",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21281",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21281.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21281"
},
{
"cve": "CVE-2025-21282",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21282",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21282.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21282"
},
{
"cve": "CVE-2025-21284",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21284",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21284.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21284"
},
{
"cve": "CVE-2025-21285",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21285",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21285.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21285"
},
{
"cve": "CVE-2025-21288",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21288",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21288.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21288"
},
{
"cve": "CVE-2025-21289",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21289",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21289.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21289"
},
{
"cve": "CVE-2025-21290",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21290",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21290.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21290"
},
{
"cve": "CVE-2025-21291",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21291",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21291.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352"
]
}
],
"title": "CVE-2025-21291"
},
{
"cve": "CVE-2025-21293",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21293",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21293.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21293"
},
{
"cve": "CVE-2025-21294",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21294",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21294.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21294"
},
{
"cve": "CVE-2025-21295",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21295",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21295.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21295"
},
{
"cve": "CVE-2025-21296",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21296",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21296.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21296"
},
{
"cve": "CVE-2025-21298",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21298",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21298.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21298"
},
{
"cve": "CVE-2025-21299",
"cwe": {
"id": "CWE-922",
"name": "Insecure Storage of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21299",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21299.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21299"
},
{
"cve": "CVE-2025-21301",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21301",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21301.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21301"
},
{
"cve": "CVE-2025-21302",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21302",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21302.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21302"
},
{
"cve": "CVE-2025-21303",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21303",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21303.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21303"
},
{
"cve": "CVE-2025-21304",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1741366",
"CSAFPID-1741368",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21304",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21304.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1741366",
"CSAFPID-1741368",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21304"
},
{
"cve": "CVE-2025-21306",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21306",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21306.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21306"
},
{
"cve": "CVE-2025-21314",
"cwe": {
"id": "CWE-451",
"name": "User Interface (UI) Misrepresentation of Critical Information"
},
"notes": [
{
"category": "other",
"text": "User Interface (UI) Misrepresentation of Critical Information",
"title": "CWE-451"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741354",
"CSAFPID-1741353",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21314",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21314.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741354",
"CSAFPID-1741353",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21314"
},
{
"cve": "CVE-2025-21316",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21316",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21316.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21316"
},
{
"cve": "CVE-2025-21318",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21318",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21318.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21318"
},
{
"cve": "CVE-2025-21319",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21319",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21319.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21319"
},
{
"cve": "CVE-2025-21320",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21320",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21320.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21320"
},
{
"cve": "CVE-2025-21321",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741353",
"CSAFPID-1741354",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21321",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21321.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741353",
"CSAFPID-1741354",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21321"
},
{
"cve": "CVE-2025-21327",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21327",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21327.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21327"
},
{
"cve": "CVE-2025-21341",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21341",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21341.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21341"
},
{
"cve": "CVE-2025-21382",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21382",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21382.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21382"
},
{
"cve": "CVE-2025-21219",
"cwe": {
"id": "CWE-41",
"name": "Improper Resolution of Path Equivalence"
},
"notes": [
{
"category": "other",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1741353",
"CSAFPID-1741354"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21219",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1741353",
"CSAFPID-1741354"
]
}
],
"title": "CVE-2025-21219"
},
{
"cve": "CVE-2024-7344",
"references": [
{
"category": "self",
"summary": "CVE-2024-7344",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7344.json"
}
],
"title": "CVE-2024-7344"
},
{
"cve": "CVE-2025-21389",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21389",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21389.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21389"
},
{
"cve": "CVE-2025-21217",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21217",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21217.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21217"
},
{
"cve": "CVE-2025-21278",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21278",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21278.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21278"
},
{
"cve": "CVE-2025-21329",
"cwe": {
"id": "CWE-41",
"name": "Improper Resolution of Path Equivalence"
},
"notes": [
{
"category": "other",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741353",
"CSAFPID-1741354",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21329",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21329.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741353",
"CSAFPID-1741354",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21329"
},
{
"cve": "CVE-2025-21328",
"cwe": {
"id": "CWE-41",
"name": "Improper Resolution of Path Equivalence"
},
"notes": [
{
"category": "other",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823",
"CSAFPID-1741353",
"CSAFPID-1741354"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21328",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21328.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823",
"CSAFPID-1741353",
"CSAFPID-1741354"
]
}
],
"title": "CVE-2025-21328"
},
{
"cve": "CVE-2025-21330",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21330",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21330.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21330"
},
{
"cve": "CVE-2025-21220",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21220",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21220.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21220"
},
{
"cve": "CVE-2025-21207",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21207",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21207.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21207"
},
{
"cve": "CVE-2025-21202",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21202",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21202.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21202"
},
{
"cve": "CVE-2025-21211",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21211",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21211.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21211"
},
{
"cve": "CVE-2025-21213",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21213",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21213.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21213"
},
{
"cve": "CVE-2025-21226",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21226",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21226.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21226"
},
{
"cve": "CVE-2025-21227",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21227",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21227.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21227"
},
{
"cve": "CVE-2025-21228",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21228",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21228.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21228"
},
{
"cve": "CVE-2025-21229",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21229",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21229.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21229"
},
{
"cve": "CVE-2025-21230",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21230",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21230.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21230"
},
{
"cve": "CVE-2025-21231",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21231",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21231.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21231"
},
{
"cve": "CVE-2025-21232",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21232.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21232"
},
{
"cve": "CVE-2025-21256",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21256",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21256.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21256"
},
{
"cve": "CVE-2025-21261",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21261",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21261.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21261"
},
{
"cve": "CVE-2025-21189",
"cwe": {
"id": "CWE-41",
"name": "Improper Resolution of Path Equivalence"
},
"notes": [
{
"category": "other",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823",
"CSAFPID-1741353",
"CSAFPID-1741354"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21189",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21189.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823",
"CSAFPID-1741353",
"CSAFPID-1741354"
]
}
],
"title": "CVE-2025-21189"
},
{
"cve": "CVE-2025-21273",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21273",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21273.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21273"
},
{
"cve": "CVE-2025-21274",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21274",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21274.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21274"
},
{
"cve": "CVE-2025-21276",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741354",
"CSAFPID-1741353",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21276",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21276.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741354",
"CSAFPID-1741353",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21276"
},
{
"cve": "CVE-2025-21286",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21286.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21286"
},
{
"cve": "CVE-2025-21287",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21287",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21287.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21287"
},
{
"cve": "CVE-2025-21292",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21292",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21292.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21292"
},
{
"cve": "CVE-2025-21300",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21300",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21300.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21300"
},
{
"cve": "CVE-2025-21305",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21305",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21305.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21305"
},
{
"cve": "CVE-2025-21307",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21307",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21307.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21307"
},
{
"cve": "CVE-2025-21308",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21308",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21308.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21308"
},
{
"cve": "CVE-2025-21310",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21310",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21310.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21310"
},
{
"cve": "CVE-2025-21312",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21312",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21312.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21312"
},
{
"cve": "CVE-2025-21323",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717810",
"CSAFPID-1720442",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741370",
"CSAFPID-1741371",
"CSAFPID-1741369",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1723937",
"CSAFPID-1723936",
"CSAFPID-1717812",
"CSAFPID-1717808",
"CSAFPID-1717813",
"CSAFPID-1717809"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21323",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21323.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717810",
"CSAFPID-1720442",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741370",
"CSAFPID-1741371",
"CSAFPID-1741369",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1723937",
"CSAFPID-1723936",
"CSAFPID-1717812",
"CSAFPID-1717808",
"CSAFPID-1717813",
"CSAFPID-1717809"
]
}
],
"title": "CVE-2025-21323"
},
{
"cve": "CVE-2025-21324",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21324",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21324.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21324"
},
{
"cve": "CVE-2025-21331",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21331",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21331.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21331"
},
{
"cve": "CVE-2025-21336",
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21336",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21336.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21336"
},
{
"cve": "CVE-2025-21338",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21338",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21338.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21338"
},
{
"cve": "CVE-2025-21339",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21339",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21339.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21339"
},
{
"cve": "CVE-2025-21340",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21340",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21340.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21340"
},
{
"cve": "CVE-2025-21374",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21374",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21374.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21374"
},
{
"cve": "CVE-2025-21378",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21378",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21378.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21378"
},
{
"cve": "CVE-2025-21332",
"cwe": {
"id": "CWE-41",
"name": "Improper Resolution of Path Equivalence"
},
"notes": [
{
"category": "other",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741353",
"CSAFPID-1741354",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21332",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21332.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741353",
"CSAFPID-1741354",
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21332"
},
{
"cve": "CVE-2025-21246",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21246",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21246.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21246"
},
{
"cve": "CVE-2025-21417",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21417",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21417.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21417"
},
{
"cve": "CVE-2025-21250",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21250",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21250.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21250"
},
{
"cve": "CVE-2025-21240",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21240",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21240.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21240"
},
{
"cve": "CVE-2025-21238",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21238",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21238.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21238"
},
{
"cve": "CVE-2025-21223",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21223",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21223.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21223"
},
{
"cve": "CVE-2025-21409",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21409",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21409.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21409"
},
{
"cve": "CVE-2025-21245",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21245",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21245.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1720442",
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353",
"CSAFPID-1723936",
"CSAFPID-1723937",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723941",
"CSAFPID-1723942",
"CSAFPID-1723943",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21245"
},
{
"cve": "CVE-2025-21297",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21297",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21297.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1723944",
"CSAFPID-1723945",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21297"
},
{
"cve": "CVE-2025-21309",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21309",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21309.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21309"
},
{
"cve": "CVE-2025-21193",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "other",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21193",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21193.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21193"
},
{
"cve": "CVE-2025-21225",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21225",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21225.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813"
]
}
],
"title": "CVE-2025-21225"
},
{
"cve": "CVE-2025-21218",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21218",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21218.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717808",
"CSAFPID-1717809",
"CSAFPID-1717810",
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741353",
"CSAFPID-1717812",
"CSAFPID-1717813",
"CSAFPID-1717820",
"CSAFPID-1717821",
"CSAFPID-1717822",
"CSAFPID-1717823"
]
}
],
"title": "CVE-2025-21218"
},
{
"cve": "CVE-2025-21234",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21234",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21234.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21234"
},
{
"cve": "CVE-2025-21235",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21235",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21235.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21235"
},
{
"cve": "CVE-2025-21224",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21224",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21224.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21224"
},
{
"cve": "CVE-2025-21275",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "other",
"text": "Improper Authorization",
"title": "CWE-285"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21275",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21275.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21275"
},
{
"cve": "CVE-2025-21317",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21317",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21317.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717810",
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21317"
},
{
"cve": "CVE-2025-21335",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21335",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21335.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21335"
},
{
"cve": "CVE-2025-21333",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21333",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21333.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21333"
},
{
"cve": "CVE-2025-21334",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21334",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21334.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741366",
"CSAFPID-1741367",
"CSAFPID-1741368",
"CSAFPID-1741354",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21334"
},
{
"cve": "CVE-2025-21343",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741367",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741371"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21343",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21343.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741367",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741371"
]
}
],
"title": "CVE-2025-21343"
},
{
"cve": "CVE-2025-21370",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741367",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741371"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21370",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741367",
"CSAFPID-1741369",
"CSAFPID-1741370",
"CSAFPID-1741371"
]
}
],
"title": "CVE-2025-21370"
},
{
"cve": "CVE-2025-21315",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21315",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21315.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21315"
},
{
"cve": "CVE-2025-21372",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21372",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21372.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21372"
},
{
"cve": "CVE-2025-21313",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "other",
"text": "Deadlock",
"title": "CWE-833"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21313",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21313.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21313"
},
{
"cve": "CVE-2025-21326",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741353",
"CSAFPID-1741354",
"CSAFPID-1741352"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21326",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21326.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741353",
"CSAFPID-1741354",
"CSAFPID-1741352"
]
}
],
"title": "CVE-2025-21326"
},
{
"cve": "CVE-2025-21311",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"notes": [
{
"category": "other",
"text": "Incorrect Implementation of Authentication Algorithm",
"title": "CWE-303"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21311",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21311.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741354",
"CSAFPID-1741352",
"CSAFPID-1741371",
"CSAFPID-1741353"
]
}
],
"title": "CVE-2025-21311"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…