Microsoft
Monthly
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.
In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non-administrative user could stage files in a local directory to run arbitrary code with SYSTEM privileges,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did not enforce secure permissions for sub-directories. Rated high severity (CVSS 7.0). No vendor patch available.
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of configuration information*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.
Group-Office is an enterprise customer relationship management and groupware tool. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Group-Office is an enterprise customer relationship management and groupware tool. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Group-Office is an enterprise customer relationship management and groupware tool. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Asterisk is an open-source private branch exchange (PBX). Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Asterisk is an open-source private branch exchange (PBX). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Parameter. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Input Data Manipulation.14.2,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation.14.2,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis.14.2, before 4.15.1,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis.14.2, before 4.15.1,. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
GitHub Desktop is an open-source, Electron-based GitHub app designed for git development. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.1. Rated medium severity (CVSS 5.7). No vendor patch available.
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.1. Rated medium severity (CVSS 5.9). No vendor patch available.
Data provided in a request performed to the server while activating a new device are put in a database. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A passback vulnerability which relates to office/small office multifunction printers and laser printers. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A passback vulnerability which relates to production printers and office multifunction printers. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in GE Vernova WorkstationST on Windows (EGD Configuration Server modules) allows Path Traversal.10.10C and. Rated medium severity (CVSS 5.9). No vendor patch available.
Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially allows Symlink Attacks and the use of Malicious. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. Rated high severity (CVSS 7.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows. Rated low severity (CVSS 3.9). No vendor patch available.
Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.
Uncontrolled search path element for some Intel(R) Network Adapter Driver installers for Windows 11 before version 29.4 may allow an authenticated user to potentially enable escalation of privilege. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated high severity (CVSS 7.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Race condition for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via local. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.
Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver software before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of service. Rated medium severity (CVSS 5.8). No vendor patch available.
Improper buffer restrictions for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Windows Ancillary Function Driver for WinSock contains a use-after-free enabling local privilege escalation through a null pointer dereference, exploited in May 2025.
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows CLFS Driver contains an input validation flaw enabling local privilege escalation, yet another CLFS kernel vulnerability in the May 2025 Patch Tuesday.
Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows Common Log File System Driver contains another use-after-free for local privilege escalation, the latest in a series of CLFS kernel vulnerabilities exploited throughout 2023-2025.
Windows Desktop Window Manager (DWM) contains a use-after-free enabling local privilege escalation, exploited in the wild in May 2025 as another DWM zero-day.
Microsoft Scripting Engine contains a type confusion vulnerability allowing unauthorized remote code execution over the network through crafted content processed by the scripting engine.
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.
In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non-administrative user could stage files in a local directory to run arbitrary code with SYSTEM privileges,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did not enforce secure permissions for sub-directories. Rated high severity (CVSS 7.0). No vendor patch available.
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of configuration information*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.
Group-Office is an enterprise customer relationship management and groupware tool. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Group-Office is an enterprise customer relationship management and groupware tool. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Group-Office is an enterprise customer relationship management and groupware tool. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Asterisk is an open-source private branch exchange (PBX). Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Asterisk is an open-source private branch exchange (PBX). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Parameter. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Input Data Manipulation.14.2,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation.14.2,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis.14.2, before 4.15.1,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis.14.2, before 4.15.1,. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
GitHub Desktop is an open-source, Electron-based GitHub app designed for git development. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.1. Rated medium severity (CVSS 5.7). No vendor patch available.
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.1. Rated medium severity (CVSS 5.9). No vendor patch available.
Data provided in a request performed to the server while activating a new device are put in a database. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A passback vulnerability which relates to office/small office multifunction printers and laser printers. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A passback vulnerability which relates to production printers and office multifunction printers. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in GE Vernova WorkstationST on Windows (EGD Configuration Server modules) allows Path Traversal.10.10C and. Rated medium severity (CVSS 5.9). No vendor patch available.
Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially allows Symlink Attacks and the use of Malicious. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. Rated high severity (CVSS 7.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows. Rated low severity (CVSS 3.9). No vendor patch available.
Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.
Uncontrolled search path element for some Intel(R) Network Adapter Driver installers for Windows 11 before version 29.4 may allow an authenticated user to potentially enable escalation of privilege. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated high severity (CVSS 7.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Race condition for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via local. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.
Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver software before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of service. Rated medium severity (CVSS 5.8). No vendor patch available.
Improper buffer restrictions for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Windows Ancillary Function Driver for WinSock contains a use-after-free enabling local privilege escalation through a null pointer dereference, exploited in May 2025.
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows CLFS Driver contains an input validation flaw enabling local privilege escalation, yet another CLFS kernel vulnerability in the May 2025 Patch Tuesday.
Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows Common Log File System Driver contains another use-after-free for local privilege escalation, the latest in a series of CLFS kernel vulnerabilities exploited throughout 2023-2025.
Windows Desktop Window Manager (DWM) contains a use-after-free enabling local privilege escalation, exploited in the wild in May 2025 as another DWM zero-day.
Microsoft Scripting Engine contains a type confusion vulnerability allowing unauthorized remote code execution over the network through crafted content processed by the scripting engine.
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.