Latest CVE Feed
-
7.8
HIGHCVE-2025-24075
Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-24072
Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Mar. 11, 2025
- Modified: Jul. 07, 2025
-
6.5
MEDIUMCVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +7 more products- Published: Mar. 11, 2025
- Modified: Jul. 03, 2025
- Vuln Type: Information Disclosure
-
7.0
HIGHCVE-2025-24070
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.... Read more
- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-24067
Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows +5 more products- Published: Mar. 11, 2025
- Modified: Jul. 03, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-24066
Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows +5 more products- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
-
8.1
HIGHCVE-2025-24064
Use after free in DNS Server allows an unauthorized attacker to execute code over a network.... Read more
- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
-
7.8
HIGHCVE-2025-24061
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows +5 more products- Published: Mar. 11, 2025
- Modified: Jul. 03, 2025
- Vuln Type: Misconfiguration
-
7.8
HIGHCVE-2025-24059
Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-24057
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-24056
Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Memory Corruption
-
4.3
MEDIUMCVE-2025-24055
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Information Disclosure
-
6.5
MEDIUMCVE-2025-24054
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Actively Exploited
- Published: Mar. 11, 2025
- Modified: May. 29, 2025
- Vuln Type: Path Traversal
-
8.8
HIGHCVE-2025-24051
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-24050
Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 +4 more products- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Memory Corruption
-
8.4
HIGHCVE-2025-24049
Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally.... Read more
- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Injection
-
7.8
HIGHCVE-2025-24048
Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 +4 more products- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-24046
Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows +5 more products- Published: Mar. 11, 2025
- Modified: Jul. 02, 2025
- Vuln Type: Memory Corruption
-
8.1
HIGHCVE-2025-24045
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.... Read more
- Published: Mar. 11, 2025
- Modified: Jul. 03, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-24044
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +7 more products- Published: Mar. 11, 2025
- Modified: Jul. 07, 2025
- Vuln Type: Memory Corruption