Month: July 2025

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windo… Continue reading CVE-2025-36357 AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue→

Trust boundary violation in Visual Studio Code – Python extension allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-49714 Visual Studio Code Python Extension Remote Code Execution Vulnerability→

Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally. Continue reading CVE-2025-47994 Microsoft Office Elevation of Privilege Vulnerability→

Access of resource using incompatible type (‘type confusion’) in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-49702 Microsoft Office Remote Code Execution Vulnerability→

Improper access control in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47993 Microsoft PC Manager Elevation of Privilege Vulnerability→

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-49698 Microsoft Word Remote Code Execution Vulnerability→

Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47991 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability→

Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-49693 Microsoft Brokering File System Elevation of Privilege Vulnerability→