Security Vulnerabilities - CVEs Published In April 2025
Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.011
Published
2025-04-08
Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.006
Published
2025-04-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.007
Published
2025-04-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.007
Published
2025-04-08
Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.
CVSS Score
8.6
EPSS Score
0.008
Published
2025-04-08
Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.
CVSS Score
6.5
EPSS Score
0.032
Published
2025-04-08
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.006
Published
2025-04-08
Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.017
Published
2025-04-08
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.007
Published
2025-04-08
Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.008
Published
2025-04-08