Skip to main content
CVE-2025-49659 HIGH PATCH This Week

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

Microsoft Buffer Overflow Windows Server 2025 Windows 10 1809 Windows Server 2019 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-48806 HIGH PATCH This Week

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows Server 2008 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-48805 HIGH PATCH This Week

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

Microsoft Heap Overflow Buffer Overflow Windows Server 2025 Windows 10 21h2 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47985 HIGH PATCH This Week

A privilege escalation vulnerability in Untrusted pointer dereference in Windows Event Tracing (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows 10 1607 Windows 11 23h2 Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47976 HIGH PATCH This Week

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows Server 2022 23h2 +15
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49721 HIGH PATCH This Week

Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow Windows Server 2012 Windows Server 2019 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49711 HIGH PATCH This Week

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Microsoft Use After Free Memory Corruption Denial Of Service Office +4
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49705 HIGH PATCH This Week

Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Microsoft Heap Overflow Buffer Overflow 365 Apps Office +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49700 HIGH PATCH This Week

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Microsoft Use After Free Memory Corruption Denial Of Service Office +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49698 HIGH PATCH This Week

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Microsoft Use After Free Memory Corruption Denial Of Service Word +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47973 HIGH PATCH This Week

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Buffer Overflow Windows Server 2008 Windows Server 2016 Windows 10 21h2 Windows Server 2012 +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47971 HIGH PATCH This Week

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Buffer Overflow Windows 10 22h2 Windows 10 1607 Windows 10 1507 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47993 HIGH PATCH This Week

Improper access control in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.

Microsoft Authentication Bypass Windows Server 2022 23h2 Windows 11 24h2 Windows Server 2025
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49665 HIGH PATCH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.

Race Condition Information Disclosure Windows 10 1607 Windows Server 2022 Windows 10 1507 +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-48000 HIGH PATCH This Week

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

Microsoft Race Condition Denial Of Service Windows Server 2022 23h2 Windows 11 23h2 +11
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47991 HIGH PATCH This Week

Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows Server 2022 +11
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47133 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Adobe Buffer Overflow Memory Corruption Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47132 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Adobe Buffer Overflow Memory Corruption Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47131 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Heap Overflow RCE Buffer Overflow Adobe Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47130 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Adobe Integer Overflow Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47129 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Adobe Buffer Overflow Memory Corruption Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47128 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Adobe Integer Overflow Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47127 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Adobe Buffer Overflow Memory Corruption Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47126 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Adobe Buffer Overflow Memory Corruption Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47125 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Heap Overflow RCE Buffer Overflow Adobe Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47124 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Adobe Buffer Overflow Memory Corruption Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47123 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Heap Overflow RCE Buffer Overflow Adobe Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47122 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Heap Overflow RCE Buffer Overflow Adobe Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47121 HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Adobe Memory Corruption Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47099 HIGH This Week

InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Heap Overflow RCE Buffer Overflow Incopy
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47098 HIGH This Week

InCopy versions 20.3, 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Memory Corruption Incopy
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47097 HIGH This Week

InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Integer Overflow Incopy
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49532 HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Integer Overflow Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49531 HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Integer Overflow Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49530 HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Memory Corruption Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49529 HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Memory Corruption Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49528 HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Stack Overflow Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49527 HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Stack Overflow Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49526 HIGH This Week

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Memory Corruption Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47136 HIGH This Week

InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Integer Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47134 HIGH This Week

InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Heap Overflow RCE Buffer Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47103 HIGH This Week

InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Heap Overflow RCE Buffer Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-43594 HIGH This Week

InDesign Desktop versions 19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Memory Corruption Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-43592 HIGH This Week

InDesign Desktop versions 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Memory Corruption Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-43591 HIGH This Week

InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Heap Overflow RCE Buffer Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-43582 HIGH This Week

Substance3D - Viewer versions 0.22 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user, scope unchanged. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Heap Overflow RCE Buffer Overflow Substance 3d Viewer
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-30312 HIGH This Week

Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Memory Corruption Dimension
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21166 HIGH This Week

Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Memory Corruption Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21165 HIGH This Week

Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Memory Corruption Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21164 HIGH This Week

Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

RCE Buffer Overflow Memory Corruption Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.0%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy