High

DATE	CVE	VULNERABILITY TITLE	RISK
2025-05-08	CVE-2025-47733	Server-Side Request Forgery (SSRF) vulnerability in Microsoft Power Apps Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network network low complexity microsoft CWE-918	7.5
2025-04-30	CVE-2025-21416	Missing Authorization vulnerability in Microsoft Azure Virtual Desktop Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network. network low complexity microsoft CWE-862	8.8
2025-04-30	CVE-2025-30390	Improper Authorization vulnerability in Microsoft Azure Machine Learning Improper authorization in Azure allows an authorized attacker to elevate privileges over a network. network low complexity microsoft CWE-285	8.8
2025-04-30	CVE-2025-30391	Improper Input Validation vulnerability in Microsoft Dynamics 365 Customer Service Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network. network low complexity microsoft CWE-20	7.5
2025-04-30	CVE-2025-33074	Improper Verification of Cryptographic Signature vulnerability in Microsoft Azure Functions Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network. network low complexity microsoft CWE-347	8.8
2025-04-08	CVE-2025-29824	Use After Free vulnerability in Microsoft products Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. local low complexity microsoft CWE-416	7.8
2025-03-11	CVE-2025-24983	Use After Free vulnerability in Microsoft products Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. local high complexity microsoft CWE-416	7.0
2025-03-11	CVE-2025-24993	Heap-based Buffer Overflow vulnerability in Microsoft products Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. local low complexity microsoft CWE-122	7.8
2025-02-11	CVE-2025-21182	Unspecified vulnerability in Microsoft Windows 11 24H2 and Windows Server 2025 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability local high complexity microsoft	7.4
2025-02-11	CVE-2025-21183	Unspecified vulnerability in Microsoft Windows 11 24H2 and Windows Server 2025 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability local high complexity microsoft	7.4