Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-23 | CVE-2025-29806 | Code Injection vulnerability in Microsoft Edge Chromium No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | 6.5 |
| 2025-03-11 | CVE-2025-24054 | External Control of File Name or Path vulnerability in Microsoft products External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | 5.4 |
| 2025-03-11 | CVE-2025-24983 | Use After Free vulnerability in Microsoft products Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. | 7.0 |
| 2025-03-11 | CVE-2025-24984 | Information Exposure Through Log Files vulnerability in Microsoft products Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | 4.6 |
| 2025-03-11 | CVE-2025-24985 | Heap-based Buffer Overflow vulnerability in Microsoft products Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | 7.8 |
| 2025-03-11 | CVE-2025-24991 | Out-of-bounds Read vulnerability in Microsoft products Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | 5.5 |
| 2025-03-11 | CVE-2025-24993 | Heap-based Buffer Overflow vulnerability in Microsoft products Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | 7.8 |
| 2025-03-07 | CVE-2025-26643 | Unspecified vulnerability in Microsoft Edge Chromium The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | 5.4 |
| 2025-02-19 | CVE-2025-21355 | Missing Authentication for Critical Function vulnerability in Microsoft Bing Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network | 9.8 |
| 2025-02-19 | CVE-2025-24989 | Unspecified vulnerability in Microsoft Power Pages An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected customers have been notified. | 9.8 |