8.4
CVE-2025-49697 - Microsoft Office Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
CVE-2025-49696 - Microsoft Office Remote Code Execution Vulnerability
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4
CVE-2025-49695 - Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
CVE-2025-49693 - Microsoft Brokering File System Elevation of Privilege Vulnerability
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
7
CVE-2025-49685 - Windows Search Service Elevation of Privilege Vulnerability
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
5.5
CVE-2025-49684 - Windows Storage Port Driver Information Disclosure Vulnerability
Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.
7.8
CVE-2025-49683 - Microsoft Virtual Hard Disk Remote Code Execution Vulnerability
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.
7.3
CVE-2025-49682 - Windows Media Elevation of Privilege Vulnerability
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
6.5
CVE-2025-49681 - Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
7.3
CVE-2025-49680 - Windows Performance Recorder (WPR) Denial of Service Vulnerability
Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally.