Latest CVE Feed
-
6.2
MEDIUMCVE-2025-29819
External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.... Read more
Affected Products : windows_admin_center- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Path Traversal
-
7.5
HIGHCVE-2025-29816
Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.... Read more
Affected Products : office word 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 office_2016 word_2016 office_2024 office_2021 +1 more products- Published: Apr. 08, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-29812
Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-29811
Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Authorization
-
7.5
HIGHCVE-2025-29810
Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Authorization
-
7.1
HIGHCVE-2025-29809
Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows +5 more products- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Misconfiguration
-
5.5
MEDIUMCVE-2025-29808
Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2022- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Cryptography
-
7.5
HIGHCVE-2025-29805
Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.... Read more
Affected Products : outlook- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Information Disclosure
-
7.3
HIGHCVE-2025-29804
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Authorization
-
7.3
HIGHCVE-2025-29802
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-29801
Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : autoupdate- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-29800
Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : autoupdate- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Authorization
-
8.8
HIGHCVE-2025-29794
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more
Affected Products : sharepoint_enterprise_server sharepoint_server sharepoint_server_2016 sharepoint_server_2019- Published: Apr. 08, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authorization
-
7.2
HIGHCVE-2025-29793
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more
Affected Products : sharepoint_enterprise_server sharepoint_server sharepoint_server_2016 sharepoint_server_2019- Published: Apr. 08, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authentication
-
7.3
HIGHCVE-2025-29792
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : office 365_apps office_long_term_servicing_channel office_2016 office_2024 office_2021 office_2019- Published: Apr. 08, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-29791
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27752
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27751
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Apr. 08, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27750
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27749
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Memory Corruption