#auth

CVE-2025-33075: Windows Installer Elevation of Privilege Vulnerability

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

27 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Installer #Security Vulnerability

CVE-2025-33067: Windows Task Scheduler Elevation of Privilege Vulnerability

Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

27 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Kernel #Security Vulnerability

CVE-2025-24069: Windows Storage Management Provider Information Disclosure Vulnerability

Out-of-bounds read in Windows Storage Port Driver allows an authorized attacker to disclose information locally.

27 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Storage Management Provider #Security Vulnerability

CVE-2025-24068: Windows Storage Management Provider Information Disclosure Vulnerability

Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

27 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Storage Management Provider #Security Vulnerability

CVE-2025-47174: Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

27 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #buffer_overflow #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-47172: Microsoft SharePoint Server Remote Code Execution Vulnerability

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

27 days ago

Microsoft Security Response Center

Open in Source

#sql #vulnerability #microsoft #rce #auth #Microsoft Office SharePoint #Security Vulnerability

CVE-2025-47968: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.

27 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #auth #Microsoft AutoUpdate (MAU)#Security Vulnerability

CVE-2025-47959: Visual Studio Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network.

27 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #rce #auth #Visual Studio #Security Vulnerability

CVE-2025-47176: Microsoft Outlook Remote Code Execution Vulnerability

'.../...//' in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.

27 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office Outlook #Security Vulnerability

CVE-2025-47175: Microsoft PowerPoint Remote Code Execution Vulnerability

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.