Author Archives: Syndicated News

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53807 Windows Graphics Component Elevation of Privilege Vulnerability→

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-54106 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability→

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-54903 Microsoft Excel Remote Code Execution Vulnerability→

Improper link resolution before file access (‘link following’) in Xbox allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-55245 Xbox Gaming Services Elevation of Privilege Vulnerability→

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. Continue reading CVE-2025-54897 Microsoft SharePoint Remote Code Execution Vulnerability→

Improper link resolution before file access (‘link following’) in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-55317 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Graphics Kernel allows an authorized attacker to execute code locally. Continue reading CVE-2025-55226 Graphics Kernel Remote Code Execution Vulnerability→

Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network. Continue reading CVE-2025-53809 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability→