7.8
CVE-2025-29976 - Microsoft SharePoint Server Elevation of Privilege Vulnerability
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.
7.8
CVE-2025-29975 - Microsoft PC Manager Elevation of Privilege Vulnerability
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
7
CVE-2025-29973 - Microsoft Azure File Sync Elevation of Privilege Vulnerability
Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.
7.5
CVE-2025-29971 - Web Threat Defense (WTD.sys) Denial of Service Vulnerability
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.
7.8
CVE-2025-29970 - Microsoft Brokering File System Elevation of Privilege Vulnerability
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
7.5
CVE-2025-29969 - MS-EVEN RPC Remote Code Execution Vulnerability
Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.
6.5
CVE-2025-29968 - Active Directory Certificate Services (AD CS) Denial of Service Vulnerability
Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.
8.8
CVE-2025-29967 - Remote Desktop Client Remote Code Execution Vulnerability
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
8.8
CVE-2025-29966 - Remote Desktop Client Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.
8.8
CVE-2025-29964 - Windows Media Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.