Latest CVE Feed
-
8.4
HIGHCVE-2025-53733
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
Affected Products : sharepoint_enterprise_server office word sharepoint_server 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 sharepoint_server_2016 word_2016 +4 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-53722
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +8 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Denial of Service
-
7.0
HIGHCVE-2025-53721
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
8.0
HIGHCVE-2025-53720
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
5.7
MEDIUMCVE-2025-53719
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Information Disclosure
-
7.0
HIGHCVE-2025-53718
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2023-39328
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.... Read more
- Published: Jul. 09, 2024
- Modified: Aug. 18, 2025
-
3.3
LOWCVE-2022-47112
7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.... Read more
Affected Products : 7-zip- Published: Apr. 19, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Misconfiguration
-
6.5
MEDIUMCVE-2025-53716
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Denial of Service
-
3.3
LOWCVE-2022-47111
7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.... Read more
Affected Products : 7-zip- Published: Apr. 19, 2025
- Modified: Aug. 18, 2025
-
5.5
MEDIUMCVE-2025-53156
Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-53155
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-53145
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-53144
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-53143
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-53726
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-53725
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-53724
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
8.7
HIGHCVE-2025-35995
When a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note:... Read more
- Published: May. 07, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Denial of Service
-
8.7
HIGHCVE-2025-36525
When a BIG-IP APM virtual server is configured to use a PingAccess profile, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.... Read more
Affected Products : big-ip_access_policy_manager- Published: May. 07, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Denial of Service