Security Vulnerabilities - CVEs Published In June 2025
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.007
Published
2025-06-10
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.007
Published
2025-06-10
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
8.4
EPSS Score
0.013
Published
2025-06-10
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.141
Published
2025-06-10
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.01
Published
2025-06-10
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
8.4
EPSS Score
0.009
Published
2025-06-10
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.233
Published
2025-06-10
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
8.4
EPSS Score
0.009
Published
2025-06-10
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
5.4
EPSS Score
0.014
Published
2025-06-10
Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-06-10