Latest CVE Feed
-
7.8
HIGHCVE-2025-49726
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-49725
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-49724
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-49723
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Authorization
-
5.7
MEDIUMCVE-2025-49722
Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-49721
Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-49719
Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2025-49718
Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Information Disclosure
-
8.5
HIGHCVE-2025-49717
Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-49716
Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-49714
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-49711
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-49706
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.... Read more
Affected Products : sharepoint_enterprise_server sharepoint_server sharepoint_server_2016 sharepoint_server_2019- Actively Exploited
- Published: Jul. 08, 2025
- Modified: Jul. 30, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-49705
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-49704
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more
- Actively Exploited
- Published: Jul. 08, 2025
- Modified: Jul. 30, 2025
- Vuln Type: Injection
-
7.8
HIGHCVE-2025-49703
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office word sharepoint_server 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 sharepoint_server_2016 word_2016 sharepoint_server_2019 +3 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-49702
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-49701
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-49700
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office word 365_apps office_long_term_servicing_channel word_2016 office_2024 office_2021 office_2019- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
7.0
HIGHCVE-2025-49699
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office word 365_apps outlook powerpoint office_long_term_servicing_channel outlook_2016 office_macos_2024 office_macos_2021 word_2016 +4 more products- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption