Microsoft Security Response Center Blog Alerts

CVE-2025-30387 Document Intelligence Studio On-Prem Elevation of Privilege Vulnerability

Posted on Tuesday May 13, 2025

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network.

 

CVE-2025-30386 Microsoft Office Remote Code Execution Vulnerability

Posted on Tuesday May 13, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

 

CVE-2025-30384 Microsoft SharePoint Server Remote Code Execution Vulnerability

Posted on Tuesday May 13, 2025

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

 

CVE-2025-30383 Microsoft Excel Remote Code Execution Vulnerability

Posted on Tuesday May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

 

CVE-2025-30382 Microsoft SharePoint Server Remote Code Execution Vulnerability

Posted on Tuesday May 13, 2025

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

 

CVE-2025-30381 Microsoft Excel Remote Code Execution Vulnerability

Posted on Tuesday May 13, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

 

Page:   1...192021222324252627...172

Celebrating 35+ Years

Off-Site Cloud Backups

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016