Latest CVE Feed
-
7.8
HIGHCVE-2025-47955
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authorization
-
8.4
HIGHCVE-2025-47953
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47176
'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally.... Read more
- Published: Jun. 10, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Path Traversal
-
7.8
HIGHCVE-2025-47175
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.... Read more
- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47174
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47173
Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authentication
-
8.8
HIGHCVE-2025-47172
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more
Affected Products : sharepoint_enterprise_server sharepoint_server sharepoint_server_2016 sharepoint_server_2019- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Injection
-
6.7
MEDIUMCVE-2025-47171
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.... Read more
Affected Products : office 365_apps outlook office_long_term_servicing_channel outlook_2016 office_2024 office_2021 office_2019- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-47170
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47169
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
Affected Products : sharepoint_enterprise_server office word sharepoint_server 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 sharepoint_server_2016 word_2016 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47168
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
Affected Products : sharepoint_enterprise_server office word sharepoint_server 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 sharepoint_server_2016 word_2016 +4 more products- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
8.4
HIGHCVE-2025-47167
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-47166
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more
Affected Products : sharepoint_enterprise_server sharepoint_server sharepoint_server_2016 sharepoint_server_2019- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-47165
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
8.4
HIGHCVE-2025-47164
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-47163
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more
Affected Products : sharepoint_enterprise_server sharepoint_server sharepoint_server_2016 sharepoint_server_2019- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authentication
-
8.4
HIGHCVE-2025-47162
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
5.4
MEDIUMCVE-2025-47160
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Jun. 10, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-47108
Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ... Read more
Affected Products : substance_3d_painter- Published: Jun. 10, 2025
- Modified: Jul. 14, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-47106
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this... Read more
- Published: Jun. 10, 2025
- Modified: Jun. 16, 2025
- Vuln Type: Information Disclosure