Latest CVE Feed
-
8.5
HIGHCVE-2025-49717
Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-49716
Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-49714
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-49711
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-49706
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.... Read more
Affected Products : sharepoint_enterprise_server sharepoint_server sharepoint_server_2016 sharepoint_server_2019- Actively Exploited
- Published: Jul. 08, 2025
- Modified: Jul. 30, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-49705
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-49704
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more
- Actively Exploited
- Published: Jul. 08, 2025
- Modified: Jul. 30, 2025
- Vuln Type: Injection
-
7.8
HIGHCVE-2025-49703
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office word sharepoint_server 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 sharepoint_server_2016 word_2016 sharepoint_server_2019 +3 more products- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-49702
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 16, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-49701
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-49700
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office word 365_apps office_long_term_servicing_channel word_2016 office_2024 office_2021 office_2019- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
7.0
HIGHCVE-2025-49699
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office word 365_apps outlook powerpoint office_long_term_servicing_channel outlook_2016 office_macos_2024 office_macos_2021 word_2016 +4 more products- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-49698
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
8.4
HIGHCVE-2025-49697
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
8.4
HIGHCVE-2025-49696
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
8.4
HIGHCVE-2025-49695
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-49694
Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-49693
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
8.0
HIGHCVE-2025-49691
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
7.4
HIGHCVE-2025-49690
Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Jul. 08, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Race Condition