Latest CVE Feed
-
7.8
HIGHCVE-2025-53789
Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products- Published: Aug. 12, 2025
- Modified: Aug. 14, 2025
-
7.0
HIGHCVE-2025-53788
Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_subsystem_for_linux- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
-
8.4
HIGHCVE-2025-53784
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
Affected Products : 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 office_2024 office_2021- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
-
7.5
HIGHCVE-2025-53783
Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : teams- Published: Aug. 12, 2025
- Modified: Aug. 13, 2025
-
7.7
HIGHCVE-2025-53781
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 13, 2025
-
7.2
HIGHCVE-2025-53779
Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products : windows_server_2025- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
-
8.8
HIGHCVE-2025-53778
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2025-53773
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.... Read more
Affected Products : visual_studio_2022- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
8.8
HIGHCVE-2025-53772
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
5.5
MEDIUMCVE-2025-53769
External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.... Read more
Affected Products : windows_security_app- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2025-53766
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 office windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 +10 more products- Published: Aug. 12, 2025
- Modified: Aug. 14, 2025
-
5.5
MEDIUMCVE-2025-53765
Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
-
7.8
HIGHCVE-2025-53761
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps powerpoint office_long_term_servicing_channel office_2024 office_2021 office_2019 powerpoint_2016- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
7.1
HIGHCVE-2025-53760
Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2025-53759
Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2025-53741
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
8.4
HIGHCVE-2025-53740
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2025-53739
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2025-53738
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
-
7.8
HIGHCVE-2025-53737
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025