Total
5767 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-26687 | 1 Microsoft | 16 Office, Windows 10 1507, Windows 10 1607 and 13 more | 2025-07-09 | N/A | 7.5 HIGH |
| Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. | |||||
| CVE-2025-26679 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-09 | N/A | 7.8 HIGH |
| Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-26681 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 22h2 and 5 more | 2025-07-09 | N/A | 6.7 MEDIUM |
| Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-26670 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-09 | N/A | 8.1 HIGH |
| Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-26671 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-07-09 | N/A | 8.1 HIGH |
| Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-47168 | 1 Microsoft | 6 365 Apps, Office, Office Long Term Servicing Channel and 3 more | 2025-07-09 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-47165 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-07-09 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-47164 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-07-09 | N/A | 8.4 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-27746 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2025-07-09 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-27745 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-07-09 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2024-30330 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-07-09 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22636. | |||||
| CVE-2025-47957 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-07-09 | N/A | 8.4 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-47175 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-07-09 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-47170 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-07-09 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-27480 | 1 Microsoft | 6 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 3 more | 2025-07-08 | N/A | 8.1 HIGH |
| Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-27476 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-07-08 | N/A | 7.8 HIGH |
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-27467 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-07-08 | N/A | 7.8 HIGH |
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-27492 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2025-07-08 | N/A | 7.0 HIGH |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-27491 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | N/A | 7.1 HIGH |
| Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-29823 | 1 Microsoft | 1 365 Apps | 2025-07-08 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||