Latest CVE Feed
-
7.8
HIGHCVE-2023-39494
PDF-XChange Editor OXPS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more
- Published: May. 03, 2024
- Modified: May. 19, 2025
-
6.5
MEDIUMCVE-2025-29959
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2023-39495
PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is requir... Read more
- Published: May. 03, 2024
- Modified: May. 19, 2025
-
6.5
MEDIUMCVE-2025-29960
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure
-
6.5
MEDIUMCVE-2025-29961
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure
-
8.8
HIGHCVE-2025-29962
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-29963
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-29964
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-29966
Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +11 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-29967
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-29968
Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-29969
Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Race Condition
-
7.8
HIGHCVE-2025-29970
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2023-39496
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this ... Read more
- Published: May. 03, 2024
- Modified: May. 19, 2025
-
7.5
HIGHCVE-2025-29971
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Denial of Service
-
7.0
HIGHCVE-2025-29973
Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : azure_file_sync- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2023-39497
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this... Read more
- Published: May. 03, 2024
- Modified: May. 19, 2025
-
5.7
MEDIUMCVE-2025-29974
Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-29975
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : pc_manager- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-29978
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption