7.8
CVE-2025-49725 - Windows Notification Elevation of Privilege Vulnerability
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
8.8
CVE-2025-49724 - Windows Connected Devices Platform Service Remote Code Execution Vulnerability
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.
5.7
CVE-2025-49722 - Windows Print Spooler Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.
7.5
CVE-2025-49718 - Microsoft SQL Server Information Disclosure Vulnerability
Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.
7.8
CVE-2025-49714 - Visual Studio Code Python Extension Remote Code Execution Vulnerability
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.
6.5
CVE-2025-49706 - Microsoft SharePoint Server Spoofing Vulnerability
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
7.8
CVE-2025-49705 - Microsoft PowerPoint Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
8.8
CVE-2025-49704 - Microsoft SharePoint Remote Code Execution Vulnerability
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
7.8
CVE-2025-49703 - Microsoft Word Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8
CVE-2025-49702 - Microsoft Office Remote Code Execution Vulnerability
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.