Filtered by vendor Microsoft
Subscribe
Total
24771 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-64531 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-64299 | 3 Linux, Microsoft, Secuavail | 3 Linux Kernel, Windows, Logstare Collector | 2026-06-17 | N/A | 2.7 LOW |
| LogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes. | |||||
| CVE-2025-64298 | 2 Microsoft, Mirion | 2 Windows, Biodose\/nmis | 2026-06-17 | N/A | 8.4 HIGH |
| NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and configuration files, which can contain sensitive data. | |||||
| CVE-2025-63372 | 2 Articentgroup, Microsoft | 2 Zip Rar Extractor Tool, Windows | 2026-06-17 | N/A | 4.3 MEDIUM |
| Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents. | |||||
| CVE-2025-62687 | 3 Linux, Microsoft, Secuavail | 3 Linux Kernel, Windows, Logstare Collector | 2026-06-17 | N/A | 6.5 MEDIUM |
| Cross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted page while logged, unintended operations may be performed. | |||||
| CVE-2025-62573 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-06-17 | N/A | 7.0 HIGH |
| Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-62572 | 1 Microsoft | 3 Windows 11 24h2, Windows 11 25h2, Windows Server 2025 | 2026-06-17 | N/A | 7.8 HIGH |
| Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-62571 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-06-17 | N/A | 7.8 HIGH |
| Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-62570 | 1 Microsoft | 3 Windows 11 24h2, Windows 11 25h2, Windows Server 2025 | 2026-06-17 | N/A | 7.1 HIGH |
| Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-62569 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows Server 2022 23h2 and 1 more | 2026-06-17 | N/A | 7.0 HIGH |
| Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-62567 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-06-17 | N/A | 5.3 MEDIUM |
| Integer underflow (wrap or wraparound) in Windows Hyper-V allows an authorized attacker to deny service over a network. | |||||
| CVE-2025-62565 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-06-17 | N/A | 7.3 HIGH |
| Use after free in Windows Shell allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-62564 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62563 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62562 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62561 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62560 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62559 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62558 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62557 | 1 Microsoft | 4 365 Apps, 365 Copilot, Office and 1 more | 2026-06-17 | N/A | 8.4 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||