Full List

Search

Recent Vulnerabilities

• CVE-2025-27194 • published on April 8, 2025 Media Encoder versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
• CVE-2025-27184 • published on April 8, 2025 After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
• CVE-2025-27182 • published on April 8, 2025 After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
• CVE-2025-27186 • published on April 8, 2025 After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
• CVE-2025-27185 • published on April 8, 2025 After Effects versions 25.1, 24.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
• CVE-2025-27187 • published on April 8, 2025 After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
• CVE-2025-27183 • published on April 8, 2025 After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
• CVE-2025-27204 • published on April 8, 2025 After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
• CVE-2025-26682 • published on April 8, 2025 Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
• CVE-2025-24062 • published on April 8, 2025 Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
• CVE-2025-24060 • published on April 8, 2025 Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
• CVE-2025-29811 • published on April 8, 2025 Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.
• CVE-2025-29819 • published on April 8, 2025 External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.
• CVE-2025-29816 • published on April 8, 2025 Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
• CVE-2025-29812 • published on April 8, 2025 Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
• CVE-2025-29810 • published on April 8, 2025 Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
• CVE-2025-29805 • published on April 8, 2025 Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.
• CVE-2025-29808 • published on April 8, 2025 Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.
• CVE-2025-29809 • published on April 8, 2025 Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.
• CVE-2025-29804 • published on April 8, 2025 Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.