Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-27728 Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-125
7.8
7.8
2025-04-08 CVE-2025-27729 Use after free in Windows Shell allows an unauthorized attacker to execute code locally.
local
low complexity
CWE-416
7.8
7.8
2025-04-08 CVE-2025-27730 Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-416
7.8
7.8
2025-04-08 CVE-2025-27731 Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-20
7.8
7.8
2025-04-08 CVE-2025-27739 Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-822
7.8
7.8
2025-04-08 CVE-2025-27740 Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.
network
low complexity
 8.8
8.8
2025-04-08 CVE-2025-27743 Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-426
7.8
7.8
2025-04-08 CVE-2025-27744 Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-284
7.8
7.8
2025-04-08 CVE-2025-29792 Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-416
7.3
7.3
2025-04-08 CVE-2025-29793 Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
network
low complexity
CWE-502
7.2
7.2