CVE-2025-30377 Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-29959 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-32702 Visual Studio Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command (‘command injection’) in Visual Studio allows an unauthorized attacker to execute code locally.
CVE-2025-29839 Windows Multiple UNC Provider Driver Information Disclosure Vulnerability
Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.
CVE-2025-32703 Visual Studio Information Disclosure Vulnerability
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
CVE-2025-30376 Microsoft Excel Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-26684 Microsoft Defender Elevation of Privilege Vulnerability
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
CVE-2025-30397 Scripting Engine Memory Corruption Vulnerability
Access of resource using incompatible type (‘type confusion’) in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
CVE-2025-29838 Windows ExecutionContext Driver Elevation of Privilege Vulnerability
Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally.
CVE-2025-32701 Windows Common Log File System Driver Elevation of Privilege Vulnerability
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
