Month: March 2025

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-24050 Windows Hyper-V Elevation of Privilege Vulnerability→

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. Continue reading CVE-2025-24987 Windows USB Video Class System Driver Elevation of Privilege Vulnerability→

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-24046 Kernel Streaming Service Driver Elevation of Privilege Vulnerability→

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-24986 Azure Promptflow Remote Code Execution Vulnerability→

Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-21199 Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability→

Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-24083 Microsoft Office Remote Code Execution Vulnerability→

Improper link resolution before file access (‘link following’) in Microsoft Windows allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-25008 Windows Server Elevation of Privilege Vulnerability→

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-24082 Microsoft Excel Remote Code Execution Vulnerability→