Month: May 2025

Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-30400 Microsoft DWM Core Library Elevation of Privilege Vulnerability→

Access of resource using incompatible type (‘type confusion’) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-30375 Microsoft Excel Remote Code Execution Vulnerability→

Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2025-29826 Microsoft Dataverse Elevation of Privilege Vulnerability→

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-29978 Microsoft PowerPoint Remote Code Execution Vulnerability→

Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-27468 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability→

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-29977 Microsoft Excel Remote Code Execution Vulnerability→

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-30386 Microsoft Office Remote Code Execution Vulnerability→

Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-29976 Microsoft SharePoint Server Elevation of Privilege Vulnerability→