Latest CVE Feed
-
7.0
HIGHCVE-2025-27478
Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-27477
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27476
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
7.0
HIGHCVE-2025-27475
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Authentication
-
6.5
MEDIUMCVE-2025-27474
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2025-27473
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
5.4
MEDIUMCVE-2025-27472
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Misconfiguration
-
5.9
MEDIUMCVE-2025-27471
Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-27470
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.... Read more
- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-27469
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-27467
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Apr. 08, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Memory Corruption
-
5.4
MEDIUMCVE-2025-27205
Adobe Experience Manager Screens versions FP11.3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ... Read more
- Published: Apr. 08, 2025
- Modified: Aug. 05, 2025
- Vuln Type: Cross-Site Scripting
-
5.5
MEDIUMCVE-2025-27204
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i... Read more
- Published: Apr. 08, 2025
- Modified: Apr. 15, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-27202
Animate versions 24.0.7, 23.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issu... Read more
- Published: Apr. 08, 2025
- Modified: Apr. 15, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-27201
Animate versions 24.0.7, 23.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issu... Read more
- Published: Apr. 08, 2025
- Modified: Apr. 15, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-27200
Animate versions 24.0.7, 23.0.10 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a... Read more
- Published: Apr. 08, 2025
- Modified: Apr. 18, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27199
Animate versions 24.0.7, 23.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim... Read more
- Published: Apr. 08, 2025
- Modified: Apr. 18, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27198
Photoshop Desktop versions 25.12.1, 26.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in tha... Read more
- Published: Apr. 08, 2025
- Modified: May. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27196
Premiere Pro versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vict... Read more
- Published: Apr. 08, 2025
- Modified: May. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27195
Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vic... Read more
- Published: Apr. 08, 2025
- Modified: May. 05, 2025
- Vuln Type: Memory Corruption