Latest CVE Feed
-
7.8
HIGHCVE-2025-30310
Dreamweaver Desktop versions 21.4 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requi... Read more
- Published: May. 13, 2025
- Modified: May. 14, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-29979
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 office_2016 office_2024 office_2021 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-29978
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-29977
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-29976
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 sharepoint_server windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 +8 more products- Published: May. 13, 2025
- Modified: Jun. 23, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-29975
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : pc_manager- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Authorization
-
5.7
MEDIUMCVE-2025-29974
Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure
-
7.0
HIGHCVE-2025-29973
Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : azure_file_sync- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Authorization
-
7.5
HIGHCVE-2025-29971
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-29970
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-29969
Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Race Condition
-
6.5
MEDIUMCVE-2025-29968
Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.... Read more
- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Denial of Service
-
8.8
HIGHCVE-2025-29967
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-29966
Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +11 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-29964
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-29963
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-29962
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-29961
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure
-
6.5
MEDIUMCVE-2025-29960
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure
-
6.5
MEDIUMCVE-2025-29959
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: May. 13, 2025
- Modified: May. 19, 2025
- Vuln Type: Information Disclosure