TheWindowsUpdate.com

Access of resource using incompatible type (‘type confusion’) in Windows Push Notifications allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53726 Windows Push Notifications Apps Elevation of Privilege Vulnerability→

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2025-24999 Microsoft SQL Server Elevation of Privilege Vulnerability→

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53718 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability→

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-53761 Microsoft PowerPoint Remote Code Execution Vulnerability→

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53154 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability→

Improper neutralization of special elements used in an sql command (‘sql injection’) in SQL Server allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2025-49758 Microsoft SQL Server Elevation of Privilege Vulnerability→

Improper neutralization of special elements used in an sql command (‘sql injection’) in SQL Server allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2025-53727 Microsoft SQL Server Elevation of Privilege Vulnerability→

Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network. Continue reading CVE-2025-33051 Microsoft Exchange Server Information Disclosure Vulnerability→