Month: May 2025

Access of resource using incompatible type (‘type confusion’) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-30383 Microsoft Excel Remote Code Execution Vulnerability→

Improper link resolution before file access (‘link following’) in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-29975 Microsoft PC Manager Elevation of Privilege Vulnerability→

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-30381 Microsoft Excel Remote Code Execution Vulnerability→

Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-29973 Microsoft Azure File Sync Elevation of Privilege Vulnerability→

Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. Continue reading CVE-2025-26677 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability→

Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network. Continue reading CVE-2025-29971 Web Threat Defense (WTD.sys) Denial of Service Vulnerability→

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-32706 Windows Common Log File System Driver Elevation of Privilege Vulnerability→

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-29970 Microsoft Brokering File System Elevation of Privilege Vulnerability→