Filtered by vendor Microsoft
Subscribe
Total
24766 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54906 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2026-06-17 | N/A | 7.8 HIGH |
| Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54905 | 1 Microsoft | 6 365 Apps, Office, Office Long Term Servicing Channel and 3 more | 2026-06-17 | N/A | 7.1 HIGH |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2025-54904 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54903 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54902 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54901 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2025-54900 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54899 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2026-06-17 | N/A | 7.8 HIGH |
| Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54898 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54897 | 1 Microsoft | 1 Sharepoint Server | 2026-06-17 | N/A | 8.8 HIGH |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-54896 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-54895 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2026-06-17 | N/A | 7.8 HIGH |
| Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-54894 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2026-06-17 | N/A | 7.8 HIGH |
| Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | |||||
| CVE-2025-54313 | 5 Alexghr, Homarr, Microsoft and 2 more | 8 Got-fetch, Homarr, Windows and 5 more | 2026-06-17 | N/A | 7.5 HIGH |
| eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows. | |||||
| CVE-2025-54284 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54283 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54282 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54281 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54279 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Animate versions 23.0.13, 24.0.10 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54278 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2026-06-17 | N/A | 5.5 MEDIUM |
| Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||