#Security Vulnerability

CVE-2025-59238: Microsoft PowerPoint Remote Code Execution Vulnerability

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office PowerPoint #Security Vulnerability

CVE-2025-2884: Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation

Out-of-bounds read in TCG TPM2.0 allows an authorized attacker to disclose information locally.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #auth #TCG TPM2.0 #Security Vulnerability

CVE-2025-59225: Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-59224: Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-59223: Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-59205: Windows Graphics Component Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #Microsoft Graphics Component #Security Vulnerability

CVE-2025-59203: Windows State Repository API Server File Information Disclosure Vulnerability

Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows StateRepository API #Security Vulnerability

CVE-2025-59213: Configuration Manager Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges locally.

2 months ago

Microsoft Security Response Center

Open in Source

#sql #vulnerability #microsoft #auth #Microsoft Configuration Manager #Security Vulnerability

CVE-2025-59210: Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability

Use after free in Windows Resilient File System (ReFS) Deduplication Service allows an unauthorized attacker to elevate privileges locally.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Resilient File System (ReFS) Deduplication Service #Security Vulnerability

CVE-2025-59198: Windows Search Service Denial of Service Vulnerability

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.