8.8
CVE-2025-53772 - Web Deploy Remote Code Execution Vulnerability
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.
8.8
CVE-2025-24999 - Microsoft SQL Server Elevation of Privilege Vulnerability
Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.
7.8
CVE-2025-53761 - Microsoft PowerPoint Remote Code Execution Vulnerability
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
7.1
CVE-2025-53760 - Microsoft SharePoint Elevation of Privilege Vulnerability
Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
7.8
CVE-2025-53759 - Microsoft Excel Remote Code Execution Vulnerability
Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
CVE-2025-53741 - Microsoft Excel Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
CVE-2025-53730 - Microsoft Office Visio Remote Code Execution Vulnerability
Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
7.5
CVE-2025-33051 - Microsoft Exchange Server Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.
7.8
CVE-2025-53729 - Microsoft Azure File Sync Elevation of Privilege Vulnerability
Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.
8.8
CVE-2025-53727 - Microsoft SQL Server Elevation of Privilege Vulnerability
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.