Latest CVE Feed
-
7.8
HIGHCVE-2025-30400
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Actively Exploited
- Published: May. 13, 2025
- Modified: May. 16, 2025
- Vuln Type: Authorization
-
7.5
HIGHCVE-2025-30397
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Actively Exploited
- Published: May. 13, 2025
- Modified: May. 29, 2025
- Vuln Type: Memory Corruption
-
5.9
MEDIUMCVE-2025-30394
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-30393
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 office_2024 office_2021- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-30388
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 office windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 +13 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2025-30387
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network.... Read more
Affected Products : azure_ai_document_intelligence_studio- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Path Traversal
-
8.4
HIGHCVE-2025-30386
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-30385
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.4
HIGHCVE-2025-30384
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-30383
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-30382
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-30381
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-30379
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.0
HIGHCVE-2025-30378
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.... Read more
- Published: May. 13, 2025
- Modified: May. 14, 2025
- Vuln Type: Authentication
-
8.4
HIGHCVE-2025-30377
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 office_2016 office_2024 office_2021 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-30376
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-30375
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-30320
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in ... Read more
- Published: May. 13, 2025
- Modified: May. 14, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-30319
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption i... Read more
- Published: May. 13, 2025
- Modified: May. 14, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-30318
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more
- Published: May. 13, 2025
- Modified: May. 14, 2025
- Vuln Type: Memory Corruption