Filtered by vendor Microsoft
Subscribe
Total
24733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-30299 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30298 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30297 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30296 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30295 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-2827 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling File Gateway, Linux Kernel and 1 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 could disclose sensitive installation directory information to an authenticated user that could be used in further attacks against the system. | |||||
| CVE-2025-2793 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling B2b Integrator, Sterling File Gateway and 2 more | 2026-06-17 | N/A | 5.4 MEDIUM |
| IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2025-2783 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-06-17 | N/A | 8.3 HIGH |
| Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) | |||||
| CVE-2025-2140 | 3 Ibm, Linux, Microsoft | 4 Aix, Engineering Requirements Management Doors Next, Linux Kernel and 1 more | 2026-06-17 | N/A | 5.7 MEDIUM |
| IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data. | |||||
| CVE-2025-2139 | 3 Ibm, Linux, Microsoft | 4 Aix, Engineering Requirements Management Doors Next, Linux Kernel and 1 more | 2026-06-17 | N/A | 3.5 LOW |
| IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete reviews from other users due to client-side enforcement of server-side security. | |||||
| CVE-2025-2138 | 3 Ibm, Linux, Microsoft | 4 Aix, Engineering Requirements Management Doors Next, Linux Kernel and 1 more | 2026-06-17 | N/A | 3.5 LOW |
| IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete comments from other users due to client-side enforcement of server-side security. | |||||
| CVE-2025-29979 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-29978 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-29977 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-29976 | 1 Microsoft | 1 Sharepoint Server | 2026-06-17 | N/A | 7.8 HIGH |
| Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-29975 | 1 Microsoft | 1 Pc Manager | 2026-06-17 | N/A | 7.8 HIGH |
| Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-29974 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2026-06-17 | N/A | 5.7 MEDIUM |
| Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network. | |||||
| CVE-2025-29973 | 1 Microsoft | 1 Azure File Sync | 2026-06-17 | N/A | 7.0 HIGH |
| Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-29972 | 1 Microsoft | 1 Azure Storage Resource Provider | 2026-06-17 | N/A | 9.9 CRITICAL |
| Server-side request forgery (ssrf) in Azure Storage Resource Provider allows an authorized attacker to perform spoofing over a network. | |||||
| CVE-2025-29971 | 1 Microsoft | 3 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 | 2026-06-17 | N/A | 7.5 HIGH |
| Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network. | |||||