CVE-2025-64657 Azure Application Gateway Elevation of Privilege Vulnerability
Stack-based buffer overflow in Software for Open Networking in the Cloud (SONiC) allows an unauthorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64657
Stack-based buffer overflow in Software for Open Networking in the Cloud (SONiC) allows an unauthorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64657
CVE-2025-62459 Microsoft Defender Portal Spoofing Vulnerability
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62459
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62459
CVE-2025-64660 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64660
Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64660
CVE-2025-62207 Azure Monitor Elevation of Privilege Vulnerability
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62207
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62207
CVE-2025-49752 Azure Bastion Elevation of Privilege Vulnerability
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49752
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49752
CVE-2025-59245 Microsoft SharePoint Online Elevation of Privilege Vulnerability
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59245
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59245
CVE-2025-64655 Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability
Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64655
Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64655
CVE-2025-64656 Application Gateway Elevation of Privilege Vulnerability
Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64656
Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64656
CVE-2025-54114 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
Updated Security Impact values. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54114
Updated Security Impact values. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54114
CVE-2025-59286 Copilot Spoofing Vulnerability
Updated information to include CVSS scores. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59286
Updated information to include CVSS scores. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59286
CVE-2025-59272 Copilot Spoofing Vulnerability
Updated information to include CVSS scores. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59272
Updated information to include CVSS scores. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59272
CVE-2025-59252 M365 Copilot Spoofing Vulnerability
Updated information to include CVSS scores. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59252
Updated information to include CVSS scores. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59252
CVE-2022-24735 Lua scripts can be manipulated to overcome ACL rules in Redis
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24735
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24735
CVE-2022-24736 A Malformed Lua script can crash Redis
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24736
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24736
CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58183
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58183
CVE-2025-11494 GNU Binutils Linker elfxx-x86.c _bfd_x86_elf_late_size_sections out-of-bounds
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11494
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11494
CVE-2025-38597 drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38597
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38597
CVE-2025-38615 fs/ntfs3: cancle set bad inode after removing name fails
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38615
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38615
CVE-2025-38643 wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38643
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38643
CVE-2025-38626 f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38626
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38626
CVE-2025-38659 gfs2: No more self recovery
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38659
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38659