Month: August 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-53731 Microsoft Office Remote Code Execution Vulnerability→

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. Continue reading CVE-2025-53728 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability→

Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network. Continue reading CVE-2025-50171 Remote Desktop Spoofing Vulnerability→

Access of resource using incompatible type (‘type confusion’) in Windows Push Notifications allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53725 Windows Push Notifications Apps Elevation of Privilege Vulnerability→

Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-50170 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability→

Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53723 Windows Hyper-V Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows SMB allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-50169 Windows SMB Remote Code Execution Vulnerability→

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53721 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability→