Security Vulnerabilities - CVEs Published In June 2025
External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
CVSS Score
5.5
EPSS Score
0.016
Published
2025-06-10
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.005
Published
2025-06-10
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
8.4
EPSS Score
0.011
Published
2025-06-10
'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.012
Published
2025-06-10
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.01
Published
2025-06-10
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.006
Published
2025-06-10
Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.007
Published
2025-06-10
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.038
Published
2025-06-10
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
CVSS Score
6.7
EPSS Score
0.032
Published
2025-06-10
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.006
Published
2025-06-10