Total
6635 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54902 | 1 Microsoft | 15 365, 365 Apps, Excel and 12 more | 2025-11-20 | 7.8 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54896 | 1 Microsoft | 15 365, 365 Apps, Excel and 12 more | 2025-11-20 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54111 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-11-20 | 7.8 High |
| Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-54102 | 1 Microsoft | 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more | 2025-11-20 | 7.8 High |
| Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-54101 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2025-11-20 | 4.8 Medium |
| Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-59238 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-11-19 | 7.8 High |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59227 | 1 Microsoft | 12 365, 365 Apps, Office and 9 more | 2025-11-19 | 7.8 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59226 | 1 Microsoft | 6 365, 365 Apps, Office 2021 and 3 more | 2025-11-19 | 7.8 High |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59225 | 1 Microsoft | 12 365, 365 Apps, Excel and 9 more | 2025-11-19 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59224 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2025-11-19 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59223 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2025-11-19 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59222 | 1 Microsoft | 15 365, 365 Apps, Office and 12 more | 2025-11-19 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59221 | 1 Microsoft | 15 365, 365 Apps, Office and 12 more | 2025-11-19 | 7 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59210 | 1 Microsoft | 8 Windows, Windows 11, Windows 11 24h2 and 5 more | 2025-11-19 | 7.4 High |
| Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | ||||
| CVE-2025-59189 | 1 Microsoft | 8 Windows, Windows 11, Windows 11 24h2 and 5 more | 2025-11-19 | 7.4 High |
| Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-58738 | 1 Microsoft | 23 Windows, Windows 10, Windows 10 1507 and 20 more | 2025-11-19 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-58737 | 1 Microsoft | 11 Remote Desktop, Windows, Windows Server and 8 more | 2025-11-19 | 7 High |
| Use after free in Windows Remote Desktop allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-58736 | 1 Microsoft | 30 Windows, Windows 10, Windows 10 1507 and 27 more | 2025-11-19 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-58734 | 1 Microsoft | 24 Windows, Windows 10 1507, Windows 10 1607 and 21 more | 2025-11-19 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-58733 | 1 Microsoft | 32 Windows, Windows 10, Windows 10 1507 and 29 more | 2025-11-19 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||