Author Archives: Syndicated News

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-54102 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability→

Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-54906 Microsoft Office Remote Code Execution Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in SQL Server allows an authorized attacker to disclose information over a network. Continue reading CVE-2025-47997 Microsoft SQL Server Information Disclosure Vulnerability→

Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-54907 Microsoft Office Visio Remote Code Execution Vulnerability→

Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-54091 Windows Hyper-V Elevation of Privilege Vulnerability→

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-54908 Microsoft PowerPoint Remote Code Execution Vulnerability→

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-49734 PowerShell Direct Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Graphics Kernel allows an authorized attacker to execute code locally. Continue reading CVE-2025-55226 Graphics Kernel Remote Code Execution Vulnerability→