#vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.

Use after free in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two critical security flaws impacting Erlang/Open Telecom Platform (OTP) SSH and Roundcube to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2025-32433 (CVSS score: 10.0) - A missing authentication for a critical