CVE-2025-62205 Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-62205 Microsoft Office Remote Code Execution Vulnerability
Month: November 2025
CVE-2025-59499 Microsoft SQL Server Elevation of Privilege Vulnerability
Improper neutralization of special elements used in an sql command (‘sql injection’) in SQL Server allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2025-59499 Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2025-62209 Windows License Manager Information Disclosure Vulnerability
Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. Continue reading CVE-2025-62209 Windows License Manager Information Disclosure Vulnerability
CVE-2025-62214 Visual Studio Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command (‘command injection’) in Visual Studio allows an authorized attacker to execute code locally. Continue reading CVE-2025-62214 Visual Studio Remote Code Execution Vulnerability
CVE-2025-62211 Dynamics 365 Field Service (online) Spoofing Vulnerability
Improper neutralization of input during web page generation (‘cross-site scripting’) in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. Continue reading CVE-2025-62211 Dynamics 365 Field Service (online) Spoofing Vulnerability
CVE-2025-62213 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-62213 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-62215 Windows Kernel Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Kernel allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-62215 Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-62222 Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command (‘command injection’) in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-62222 Agentic AI and Visual Studio Code Remote Code Execution Vulnerability