Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

CVE-2025-62204: Microsoft SharePoint Remote Code Execution Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Microsoft Security Response Center
Open in Source
#vulnerability#microsoft#rce#auth#Microsoft Office SharePoint#Security Vulnerability
CVE-2025-60728: Microsoft Excel Information Disclosure Vulnerability

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

CVE-2025-62449: Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could bypass Visual Studio Code sensitive file protections.

CVE-2025-59499: Microsoft SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.