-
CVE-2025-30375
•
published on May 13, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
-
CVE-2025-29979
•
published on May 13, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
-
CVE-2025-29978
•
published on May 13, 2025
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
-
CVE-2025-29977
•
published on May 13, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
-
CVE-2025-29976
•
published on May 13, 2025
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.
-
CVE-2025-29975
•
published on May 13, 2025
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
-
CVE-2025-29973
•
published on May 13, 2025
Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.
-
CVE-2025-29971
•
published on May 13, 2025
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.
-
CVE-2025-29970
•
published on May 13, 2025
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
-
CVE-2025-29969
•
published on May 13, 2025
Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.
-
CVE-2025-29968
•
published on May 13, 2025
Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.
-
CVE-2025-29967
•
published on May 13, 2025
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
-
CVE-2025-29966
•
published on May 13, 2025
Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.
-
CVE-2025-29964
•
published on May 13, 2025
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
-
CVE-2025-29960
•
published on May 13, 2025
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
-
CVE-2025-29959
•
published on May 13, 2025
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
-
CVE-2025-26684
•
published on May 13, 2025
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
-
CVE-2024-36339
•
published on May 13, 2025
A DLL hijacking vulnerability in the AMD Optimizing CPU Libraries could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
-
CVE-2024-21960
•
published on May 13, 2025
Incorrect default permissions in the AMD Optimizing CPU Libraries (AOCL) installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
-
CVE-2025-30310
•
published on May 13, 2025
Dreamweaver Desktop versions 21.4 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
