CVE-2025-62203 - Microsoft Excel Remote Code Execution Vulnerability
CVE ID : CVE-2025-62203
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62203
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62204 - Microsoft SharePoint Remote Code Execution Vulnerability
CVE ID : CVE-2025-62204
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62204
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62205 - Microsoft Office Remote Code Execution Vulnerability
CVE ID : CVE-2025-62205
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62205
Published : Nov. 11, 2025, 6:15 p.m. | 37 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62206 - Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE ID : CVE-2025-62206
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62206
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62208 - Windows License Manager Information Disclosure Vulnerability
CVE ID : CVE-2025-62208
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62208
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62209 - Windows License Manager Information Disclosure Vulnerability
CVE ID : CVE-2025-62209
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62209
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62210 - Dynamics 365 Field Service (online) Spoofing Vulnerability
CVE ID : CVE-2025-62210
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62210
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62211 - Dynamics 365 Field Service (online) Spoofing Vulnerability
CVE ID : CVE-2025-62211
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62211
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62213 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE ID : CVE-2025-62213
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62213
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62214 - Visual Studio Remote Code Execution Vulnerability
CVE ID : CVE-2025-62214
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62214
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62215 - Windows Kernel Elevation of Privilege Vulnerability
CVE ID : CVE-2025-62215
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62215
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62216 - Microsoft Office Remote Code Execution Vulnerability
CVE ID : CVE-2025-62216
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62216
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62217 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE ID : CVE-2025-62217
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62217
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62218 - Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
CVE ID : CVE-2025-62218
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62218
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62219 - Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
CVE ID : CVE-2025-62219
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62219
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62220 - Windows Subsystem for Linux GUI Remote Code Execution Vulnerability
CVE ID : CVE-2025-62220
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62220
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62222 - Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
CVE ID : CVE-2025-62222
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62222
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62449 - Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
CVE ID : CVE-2025-62449
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62449
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62452 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE ID : CVE-2025-62452
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62452
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-62453 - GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
CVE ID : CVE-2025-62453
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-62453
Published : Nov. 11, 2025, 6:15 p.m. | 36 minutes ago
Description : Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-61830 - Adobe Pass | Incorrect Authorization (CWE-863)
CVE ID : CVE-2025-61830
Published : Nov. 11, 2025, 6:28 p.m. | 23 minutes ago
Description : Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user interaction in that a victim must install a malicious SDK.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-61830
Published : Nov. 11, 2025, 6:28 p.m. | 23 minutes ago
Description : Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user interaction in that a victim must install a malicious SDK.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...