8
CVE-2025-47178 - Microsoft Configuration Manager Remote Code Execution Vulnerability
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.
8.1
CVE-2025-49735 - Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
3.1
CVE-2025-49731 - Microsoft Teams Elevation of Privilege Vulnerability
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
7.8
CVE-2025-49726 - Windows Notification Elevation of Privilege Vulnerability
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
8.8
CVE-2025-49723 - Windows StateRepository API Server file Tampering Vulnerability
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.
7.8
CVE-2025-49721 - Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.
7.5
CVE-2025-49719 - Microsoft SQL Server Information Disclosure Vulnerability
Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.
8.5
CVE-2025-49717 - Microsoft SQL Server Remote Code Execution Vulnerability
Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.
7.5
CVE-2025-49716 - Windows Netlogon Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.
7.8
CVE-2025-49711 - Microsoft Excel Remote Code Execution Vulnerability
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.