Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-11 CVE-2025-24997 Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally.
local
low complexity
CWE-476
4.4
4.4
2025-03-11 CVE-2025-24998 Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-427
7.3
7.3
2025-03-11 CVE-2025-25003 Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-427
7.3
7.3
2025-03-11 CVE-2025-25008 Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-59
7.1
7.1
2025-03-11 CVE-2025-26627 Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.
local
high complexity
CWE-77
7.0
7.0
2025-03-11 CVE-2025-26629 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
local
low complexity
CWE-416
7.8
7.8
2025-03-11 CVE-2025-26630 Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.
local
low complexity
CWE-416
7.8
7.8
2025-03-11 CVE-2025-26631 Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-427
7.3
7.3
2025-03-11 CVE-2025-26634 Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.
network
high complexity
CWE-122
7.5
7.5
2025-03-11 CVE-2025-26645 Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
network
low complexity
CWE-23
8.8
8.8