Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-03-11 CVE-2025-24983 Use After Free vulnerability in Microsoft products
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
local
high complexity
microsoft CWE-416
7.0
7.0
2025-03-11 CVE-2025-24993 Heap-based Buffer Overflow vulnerability in Microsoft products
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
local
low complexity
microsoft CWE-122
7.8
7.8
2025-03-11 CVE-2025-24994 Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-284
7.3
7.3
2025-03-11 CVE-2025-24995 Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-122
7.8
7.8
2025-03-11 CVE-2025-24998 Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-427
7.3
7.3
2025-03-11 CVE-2025-25003 Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-427
7.3
7.3
2025-03-11 CVE-2025-25008 Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-59
7.1
7.1
2025-03-11 CVE-2025-26627 Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.
local
high complexity
CWE-77
7.0
7.0
2025-03-11 CVE-2025-26629 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
local
low complexity
CWE-416
7.8
7.8
2025-03-11 CVE-2025-26630 Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.
local
low complexity
CWE-416
7.8
7.8