Security
Headlines
HeadlinesLatestCVEs

Tag

#Security Vulnerability

CVE-2025-29975: Microsoft PC Manager Elevation of Privilege Vulnerability

Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.

Microsoft Security Response Center
#vulnerability#microsoft#auth#Microsoft PC Manager#Security Vulnerability
CVE-2025-29969: MS-EVEN RPC Remote Code Execution Vulnerability

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

CVE-2025-32702: Visual Studio Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.

CVE-2025-30397: Scripting Engine Memory Corruption Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to first prepare the target so that it uses Edge in Internet Explorer Mode.