Filtered by vendor Microsoft
Subscribe
Total
24769 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-62209 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-62208 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-62207 | 1 Microsoft | 1 Azure Monitor | 2026-06-17 | N/A | 8.6 HIGH |
| Azure Monitor Elevation of Privilege Vulnerability | |||||
| CVE-2025-62206 | 1 Microsoft | 1 Dynamics 365 | 2026-06-17 | N/A | 6.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. | |||||
| CVE-2025-62205 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62204 | 1 Microsoft | 1 Sharepoint Server | 2026-06-17 | N/A | 8.0 HIGH |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-62203 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62202 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.1 HIGH |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2025-62201 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62200 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62199 | 1 Microsoft | 4 365 Apps, 365 Copilot, Excel and 1 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-62189 | 3 Linux, Microsoft, Secuavail | 3 Linux Kernel, Windows, Logstare Collector | 2026-06-17 | N/A | 4.3 MEDIUM |
| LogStare Collector contains an incorrect authorization vulnerability in UserRegistration. If exploited, a non-administrative user may create a new user account by sending a crafted HTTP request. | |||||
| CVE-2025-61949 | 3 Linux, Microsoft, Secuavail | 3 Linux Kernel, Windows, Logstare Collector | 2026-06-17 | N/A | 5.4 MEDIUM |
| LogStare Collector contains a stored cross-site scripting vulnerability in UserManagement. If crafted user information is stored, an arbitrary script may be executed on the web browser of the user who logs in to the product's management page. | |||||
| CVE-2025-61835 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.1.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61834 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61833 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.1.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61832 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61831 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61824 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-61820 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||