Filtered by vendor Microsoft
Subscribe
Total
21853 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49751 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-08-15 | N/A | 6.8 MEDIUM |
| Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. | |||||
| CVE-2025-49745 | 1 Microsoft | 1 Dynamics 365 | 2025-08-15 | N/A | 5.4 MEDIUM |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2025-49743 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-15 | N/A | 6.7 MEDIUM |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-49736 | 1 Microsoft | 1 Edge | 2025-08-15 | N/A | 4.3 MEDIUM |
| The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2025-49712 | 1 Microsoft | 1 Sharepoint Server | 2025-08-15 | N/A | 8.8 HIGH |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-53759 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-08-15 | N/A | 7.8 HIGH |
| Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53741 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-08-15 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53740 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-08-15 | N/A | 8.4 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53739 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-08-15 | N/A | 7.8 HIGH |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53737 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-08-15 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53735 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-08-15 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53734 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-08-15 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53732 | 1 Microsoft | 1 Office | 2025-08-15 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53731 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-08-15 | N/A | 8.4 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53730 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-08-15 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53778 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-08-15 | N/A | 8.8 HIGH |
| Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-53773 | 1 Microsoft | 1 Visual Studio 2022 | 2025-08-15 | N/A | 7.8 HIGH |
| Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-53772 | 1 Microsoft | 1 Web Deploy 4.0 | 2025-08-15 | N/A | 8.8 HIGH |
| Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-53769 | 1 Microsoft | 1 Windows Security App | 2025-08-15 | N/A | 5.5 MEDIUM |
| External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally. | |||||
| CVE-2025-53761 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-08-15 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | |||||