Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-29812 Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-822
7.8
7.8
2025-04-08 CVE-2025-29816 Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
network
high complexity
CWE-349
7.5
7.5
2025-04-08 CVE-2025-29819 External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.
local
low complexity
CWE-73
6.2
6.2
2025-04-08 CVE-2025-29820 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
local
low complexity
CWE-416
7.8
7.8
2025-04-08 CVE-2025-29821 Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally.
local
low complexity
CWE-20
5.5
5.5
2025-04-08 CVE-2025-29822 Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
local
low complexity
CWE-184
7.8
7.8
2025-04-08 CVE-2025-29823 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
local
low complexity
CWE-416
7.8
7.8
2025-04-08 CVE-2025-21174 Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
network
low complexity
CWE-400
7.5
7.5
2025-04-08 CVE-2025-21203 Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
network
low complexity
CWE-126
6.5
6.5
2025-04-08 CVE-2025-24058 Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-20
7.8
7.8