Filtered by vendor Microsoft
Subscribe
Total
22863 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-29974 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-19 | N/A | 5.7 MEDIUM |
| Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. | |||||
| CVE-2025-29975 | 1 Microsoft | 1 Pc Manager | 2025-05-19 | N/A | 7.8 HIGH |
| Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-29978 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-05-19 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-30381 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-05-19 | N/A | 7.8 HIGH |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-30379 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-05-19 | N/A | 7.8 HIGH |
| Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-30377 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-05-19 | N/A | 8.4 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-30376 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-05-19 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-30375 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-05-19 | N/A | 7.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-30382 | 1 Microsoft | 1 Sharepoint Server | 2025-05-19 | N/A | 7.8 HIGH |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. | |||||
| CVE-2022-28887 | 3 Apple, F-secure, Microsoft | 8 Macos, Atlant, Elements Endpoint Detection And Response and 5 more | 2025-05-15 | N/A | 4.3 MEDIUM |
| Multiple Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine crash. | |||||
| CVE-2025-30328 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | N/A | 7.8 HIGH |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30329 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | N/A | 5.5 MEDIUM |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30330 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-05-15 | N/A | 7.8 HIGH |
| Illustrator versions 29.3, 28.7.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-43545 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2025-05-15 | N/A | 7.8 HIGH |
| Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-43546 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2025-05-15 | N/A | 7.8 HIGH |
| Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-43547 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2025-05-15 | N/A | 7.8 HIGH |
| Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-43555 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | N/A | 7.8 HIGH |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-43556 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | N/A | 7.8 HIGH |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-43557 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | N/A | 7.8 HIGH |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-4660 | 2 Forescout, Microsoft | 2 Secureconnector, Windows | 2025-05-15 | N/A | 9.8 CRITICAL |
| A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent. This does not impact Linux or OSX Secure Connector. | |||||