Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2025-49732: Windows Graphics Component Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Microsoft Security Response Center
#vulnerability#windows#microsoft#buffer_overflow#auth#Microsoft Graphics Component#Security Vulnerability
CVE-2025-49702: Microsoft Office Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-49704: Microsoft SharePoint Remote Code Execution Vulnerability

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVE-2025-49706: Microsoft SharePoint Server Spoofing Vulnerability

Improper authentication in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.