Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-29801 Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-276
7.8
7.8
2025-04-08 CVE-2025-29802 Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-427
7.3
7.3
2025-04-08 CVE-2025-29804 Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-284
7.3
7.3
2025-04-08 CVE-2025-29805 Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.
network
low complexity
CWE-200
7.5
7.5
2025-04-08 CVE-2025-29808 Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.
local
low complexity
CWE-1240
5.5
5.5
2025-04-08 CVE-2025-29811 Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-122
7.8
7.8
2025-04-08 CVE-2025-29812 Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-822
7.8
7.8
2025-04-08 CVE-2025-29819 External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.
local
low complexity
CWE-73
6.2
6.2
2025-04-08 CVE-2025-29821 Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally.
local
low complexity
CWE-20
5.5
5.5
2025-04-08 CVE-2025-29823 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
local
low complexity
CWE-416
7.8
7.8