Month: November 2025

Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-60721 Windows Administrator Protection Elevation of Privilege Vulnerability→

Improper limitation of a pathname to a restricted directory (‘path traversal’) in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally. Continue reading CVE-2025-62449 Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability→

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-62200 Microsoft Excel Remote Code Execution Vulnerability→

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-62201 Microsoft Excel Remote Code Execution Vulnerability→

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. Continue reading CVE-2025-62202 Microsoft Excel Information Disclosure Vulnerability→

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. Continue reading CVE-2025-62204 Microsoft SharePoint Remote Code Execution Vulnerability→

Affected software updated with new package information. Continue reading CVE-2025-62203 Microsoft Excel Remote Code Execution Vulnerability→

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. Continue reading CVE-2025-62208 Windows License Manager Information Disclosure Vulnerability→