Source

Microsoft Security Response Center

CVE-2025-29826: Microsoft Dataverse Elevation of Privilege Vulnerability

Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.

4 months ago

Open in Source

#vulnerability #microsoft #auth #Microsoft Dataverse #Security Vulnerability

CVE-2025-30393: Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-30379: Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #buffer_overflow #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-30378: Microsoft SharePoint Server Remote Code Execution Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office SharePoint #Security Vulnerability

CVE-2025-30394: Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #dos #perl #auth #Remote Desktop Gateway Service #Security Vulnerability

CVE-2025-30382: Microsoft SharePoint Server Remote Code Execution Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office SharePoint #Security Vulnerability

CVE-2025-30400: Microsoft DWM Core Library Elevation of Privilege Vulnerability

Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #microsoft #auth #Windows DWM #Security Vulnerability

CVE-2025-30377: Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office #Security Vulnerability

CVE-2025-29969: MS-EVEN RPC Remote Code Execution Vulnerability

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #rce #auth #Windows Fundamentals #Security Vulnerability

CVE-2025-29968: Active Directory Certificate Services (AD CS) Denial of Service Vulnerability

Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.

4 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #dos #auth #Active Directory Certificate Services (AD CS)#Security Vulnerability