CVE-2025-12101 - Cross-Site Scripting (XSS)
CVE ID : CVE-2025-12101
Published : Nov. 11, 2025, 2:15 p.m. | 35 minutes ago
Description : Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-12101
Published : Nov. 11, 2025, 2:15 p.m. | 35 minutes ago
Description : Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9223 - Command Injection
CVE ID : CVE-2025-9223
Published : Nov. 11, 2025, 2:15 p.m. | 35 minutes ago
Description : Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9223
Published : Nov. 11, 2025, 2:15 p.m. | 35 minutes ago
Description : Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9227 - Stored XSS
CVE ID : CVE-2025-9227
Published : Nov. 11, 2025, 2:15 p.m. | 35 minutes ago
Description : Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9227
Published : Nov. 11, 2025, 2:15 p.m. | 35 minutes ago
Description : Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62199 - Microsoft Office Remote Code Execution Vulnerability
CVE ID : CVE-2025-62199
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62199
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62200 - Microsoft Excel Remote Code Execution Vulnerability
CVE ID : CVE-2025-62200
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62200
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62201 - Microsoft Excel Remote Code Execution Vulnerability
CVE ID : CVE-2025-62201
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62201
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62202 - Microsoft Excel Information Disclosure Vulnerability
CVE ID : CVE-2025-62202
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62202
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62203 - Microsoft Excel Remote Code Execution Vulnerability
CVE ID : CVE-2025-62203
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62203
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62204 - Microsoft SharePoint Remote Code Execution Vulnerability
CVE ID : CVE-2025-62204
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62204
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62205 - Microsoft Office Remote Code Execution Vulnerability
CVE ID : CVE-2025-62205
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62205
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62206 - Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE ID : CVE-2025-62206
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62206
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62208 - Windows License Manager Information Disclosure Vulnerability
CVE ID : CVE-2025-62208
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62208
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62209 - Windows License Manager Information Disclosure Vulnerability
CVE ID : CVE-2025-62209
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62209
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62210 - Dynamics 365 Field Service (online) Spoofing Vulnerability
CVE ID : CVE-2025-62210
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62210
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62211 - Dynamics 365 Field Service (online) Spoofing Vulnerability
CVE ID : CVE-2025-62211
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62211
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62213 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE ID : CVE-2025-62213
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62213
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62214 - Visual Studio Remote Code Execution Vulnerability
CVE ID : CVE-2025-62214
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62214
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62215 - Windows Kernel Elevation of Privilege Vulnerability
CVE ID : CVE-2025-62215
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62215
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62216 - Microsoft Office Remote Code Execution Vulnerability
CVE ID : CVE-2025-62216
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62216
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62217 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE ID : CVE-2025-62217
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62217
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62218 - Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
CVE ID : CVE-2025-62218
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62218
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...