Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-27204 Out-of-bounds Read vulnerability in Adobe After Effects
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
5.5
2025-04-08 CVE-2025-27205 Adobe Experience Manager Screens versions FP11.3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
CWE-79
5.4
5.4
2025-04-08 CVE-2025-27467 Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-416
7.8
7.8
2025-04-08 CVE-2025-27470 Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
network
low complexity
CWE-400
7.5
7.5
2025-04-08 CVE-2025-27474 Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
network
low complexity
CWE-908
6.5
6.5
2025-04-08 CVE-2025-27475 Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally.
local
high complexity
CWE-591
7.0
7.0
2025-04-08 CVE-2025-27476 Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-416
7.8
7.8
2025-04-08 CVE-2025-27479 Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.
network
low complexity
CWE-410
7.5
7.5
2025-04-08 CVE-2025-27480 Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
network
high complexity
CWE-416
8.1
8.1
2025-04-08 CVE-2025-27482 Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
network
high complexity
CWE-591
8.1
8.1