Month: July 2025

Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47982 Windows Storage VSP Driver Elevation of Privilege Vulnerability→

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-49703 Microsoft Word Remote Code Execution Vulnerability→

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-47981 SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability→

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. Continue reading CVE-2025-49701 Microsoft SharePoint Remote Code Execution Vulnerability→

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally. Continue reading CVE-2025-47980 Windows Imaging Component Information Disclosure Vulnerability→

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-49699 Microsoft Office Remote Code Execution Vulnerability→

Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network. Continue reading CVE-2025-47978 Windows Kerberos Denial of Service Vulnerability→

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-49697 Microsoft Office Remote Code Execution Vulnerability→