Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-01-14 CVE-2025-21364 Unspecified vulnerability in Microsoft 365 Apps and Office
Microsoft Excel Security Feature Bypass Vulnerability
local
low complexity
microsoft
7.8
2025-01-14 CVE-2025-21365 Unspecified vulnerability in Microsoft 365 Apps and Office
Microsoft Office Remote Code Execution Vulnerability
local
low complexity
microsoft
7.8
2025-01-14 CVE-2025-21366 Unspecified vulnerability in Microsoft 365 Apps, Access and Office
Microsoft Access Remote Code Execution Vulnerability
local
low complexity
microsoft
7.8
2025-01-14 CVE-2025-21370 Unspecified vulnerability in Microsoft Windows 11 22H2
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
local
low complexity
microsoft
8.8
2025-01-14 CVE-2025-21372 Unspecified vulnerability in Microsoft products
Microsoft Brokering File System Elevation of Privilege Vulnerability
local
high complexity
microsoft
7.8
2025-01-14 CVE-2025-21395 Unspecified vulnerability in Microsoft 365 Apps, Access and Office
Microsoft Access Remote Code Execution Vulnerability
local
low complexity
microsoft
7.8
2025-01-14 CVE-2025-21402 Unspecified vulnerability in Microsoft Office and Onenote
Microsoft Office OneNote Remote Code Execution Vulnerability
local
low complexity
microsoft
7.8
2025-01-14 CVE-2025-21405 Unspecified vulnerability in Microsoft Visual Studio 2022
Visual Studio Elevation of Privilege Vulnerability
local
low complexity
microsoft
7.3
2025-01-14 CVE-2024-13159 Unspecified vulnerability in Ivanti Endpoint Manager 2021.1.1/2022/2024
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
network
low complexity
ivanti
7.5
2025-01-14 CVE-2024-13160 Unspecified vulnerability in Ivanti Endpoint Manager 2021.1.1/2022/2024
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
network
low complexity
ivanti
7.5