Month: April 2025

Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network. Continue reading CVE-2025-29816 Microsoft Word Security Feature Bypass Vulnerability→

Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-26639 Windows USB Print Driver Elevation of Privilege Vulnerability→

Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2025-29810 Active Directory Domain Services Elevation of Privilege Vulnerability→

Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally. Continue reading CVE-2025-26628 Azure Local Cluster Information Disclosure Vulnerability→

Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. Continue reading CVE-2025-29808 Windows Cryptographic Services Information Disclosure Vulnerability→

Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network. Continue reading CVE-2025-25002 Azure Local Cluster Information Disclosure Vulnerability→

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-29804 Visual Studio Elevation of Privilege Vulnerability→

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-24058 Windows DWM Core Library Elevation of Privilege Vulnerability→