CyberAlerts

CVE-2025-26631

Visual Studio Code Elevation of Privilege Vulnerability

Description: Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.3)

EPSS Score: 0.12%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-26630

Microsoft Access Remote Code Execution Vulnerability

Description: Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.

CVSS: HIGH (7.8)

EPSS Score: 0.08%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-26629

Microsoft Office Remote Code Execution Vulnerability

Description: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: HIGH (7.8)

EPSS Score: 0.08%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-26627

Azure Arc Installer Elevation of Privilege Vulnerability

Description: Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.0)

EPSS Score: 0.04%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-25008

Windows Server Elevation of Privilege Vulnerability

Description: Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.1)

EPSS Score: 0.06%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-25003

Visual Studio Elevation of Privilege Vulnerability

Description: Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.3)

EPSS Score: 0.12%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-24998

Visual Studio Elevation of Privilege Vulnerability

Description: Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.3)

EPSS Score: 0.12%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-24997

DirectX Graphics Kernel File Denial of Service Vulnerability

Description: Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally.

CVSS: MEDIUM (4.4)

EPSS Score: 0.06%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-24996

NTLM Hash Disclosure Spoofing Vulnerability

Description: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVSS: MEDIUM (6.5)

EPSS Score: 0.12%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-24995

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Description: Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE

March 11th, 2025 (3 months ago)

Threat and Vulnerability Intelligence Database

Example Searches: