Vulnerabilities > Microsoft > High

DATE CVE VULNERABILITY TITLE RISK
2025-05-15 CVE-2025-47161 Improper Access Control vulnerability in Microsoft Defender for Endpoint
Microsoft Defender for Endpoint Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-284
7.8
7.8
2025-05-13 CVE-2025-30377 Use After Free vulnerability in Microsoft products
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-05-13 CVE-2025-30378 Deserialization of Untrusted Data vulnerability in Microsoft Sharepoint Server
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
local
high complexity
microsoft CWE-502
7.0
7.0
2025-05-13 CVE-2025-30382 Deserialization of Untrusted Data vulnerability in Microsoft Sharepoint Server
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
local
low complexity
microsoft CWE-502
7.8
7.8
2025-05-13 CVE-2025-30384 Deserialization of Untrusted Data vulnerability in Microsoft Sharepoint Server
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
local
high complexity
microsoft CWE-502
7.0
7.0
2025-05-13 CVE-2025-30385 Use After Free vulnerability in Microsoft products
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-05-13 CVE-2025-30386 Use After Free vulnerability in Microsoft products
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-05-13 CVE-2025-30388 Heap-based Buffer Overflow vulnerability in Microsoft products
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
local
low complexity
microsoft CWE-122
7.8
7.8
2025-05-13 CVE-2025-30400 Use After Free vulnerability in Microsoft products
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-05-13 CVE-2025-32701 Use After Free vulnerability in Microsoft products
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-416
7.8
7.8