CVE-2025-29792 - Microsoft Office Use-After-Free Privilege Escalation Vulnerability
CVE ID : CVE-2025-29792
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29792
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29793 - Microsoft Office SharePoint Remote Code Execution Vulnerability
CVE ID : CVE-2025-29793
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29793
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29794 - Microsoft Office SharePoint Remote Code Execution Vulnerability
CVE ID : CVE-2025-29794
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29794
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29800 - Microsoft AutoUpdate Privilege Escalation Vulnerability
CVE ID : CVE-2025-29800
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29800
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29801 - Microsoft AutoUpdate Privilege Escalation Vulnerability
CVE ID : CVE-2025-29801
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29801
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29802 - Visual Studio Privilege Escalation Vulnerability
CVE ID : CVE-2025-29802
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29802
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29804 - Microsoft Visual Studio Privilege Escalation Vulnerability
CVE ID : CVE-2025-29804
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29804
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29805 - Microsoft Outlook Android Information Disclosure Vulnerability
CVE ID : CVE-2025-29805
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29805
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29808 - "Windows Cryptographic Services Cryptographic Primitive Implementation Vulnerability"
CVE ID : CVE-2025-29808
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29808
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29809 - Windows Kerberos Sensitive Information Storage Vulnerability
CVE ID : CVE-2025-29809
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29809
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29810 - Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
CVE ID : CVE-2025-29810
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29810
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29811 - Windows Mobile Broadband Privilege Escalation Vulnerability
CVE ID : CVE-2025-29811
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29811
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29812 - Microsoft Windows Kernel Untrusted Pointer Dereference Privilege Escalation
CVE ID : CVE-2025-29812
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29812
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29816 - Microsoft Office Word File Upload Bypass Vulnerability
CVE ID : CVE-2025-29816
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29816
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29819 - Azure Portal Windows Admin Center File Path Disclosure Vulnerability
CVE ID : CVE-2025-29819
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29819
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29820 - Microsoft Office Word Use-After-Free Remote Code Execution Vulnerability
CVE ID : CVE-2025-29820
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29820
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29821 - Dynamics Business Central Information Disclosure Vulnerability
CVE ID : CVE-2025-29821
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29821
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29822 - Microsoft Office OneNote Input Validation Bypass
CVE ID : CVE-2025-29822
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29822
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29823 - Microsoft Office Excel Use-After-Free Vulnerability Allows Local Code Execution
CVE ID : CVE-2025-29823
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29823
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29824 - Windows Common Log File System Driver Use-After-Free Privilege Escalation Vulnerability
CVE ID : CVE-2025-29824
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29824
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-32035 - DotNetNuke File Upload Validation Bypass Vulnerability
CVE ID : CVE-2025-32035
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 9.13.2, when uploading files (e.g. when uploading assets), the file extension is checked to see if it's an allowed file type but the actual contents of the file aren't checked. This means that it's possible to e.g. upload an executable file renamed to be a .jpg. This file could then be executed by another security vulnerability. This vulnerability is fixed in 9.13.2.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32035
Published : April 8, 2025, 6:16 p.m. | 1 hour, 8 minutes ago
Description : DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 9.13.2, when uploading files (e.g. when uploading assets), the file extension is checked to see if it's an allowed file type but the actual contents of the file aren't checked. This means that it's possible to e.g. upload an executable file renamed to be a .jpg. This file could then be executed by another security vulnerability. This vulnerability is fixed in 9.13.2.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...