Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2025-27468: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Improper privilege management in Windows Secure Kernel Mode allows an unauthorized attacker to elevate privileges locally.

Microsoft Security Response Center
Open in Source
#vulnerability#windows#auth#Windows Secure Kernel Mode#Security Vulnerability
CVE-2025-30394: Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.

CVE-2025-29826: Microsoft Dataverse Elevation of Privilege Vulnerability

Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.

CVE-2025-30375: Microsoft Excel Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.