Month: May 2025

Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally. Continue reading CVE-2025-29829 Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability→

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27488 Microsoft Windows Hardware Lab Kit (HLK) Elevation of Privilege Vulnerability→

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-30379 Microsoft Excel Remote Code Execution Vulnerability→

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-30378 Microsoft SharePoint Server Remote Code Execution Vulnerability→

Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. Continue reading CVE-2025-21264 Visual Studio Code Security Feature Bypass Vulnerability→

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-30377 Microsoft Office Remote Code Execution Vulnerability→

Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally. Continue reading CVE-2025-32703 Visual Studio Information Disclosure Vulnerability→

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-30376 Microsoft Excel Remote Code Execution Vulnerability→