Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
81,609 matching · page 274/1633Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-47170(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | Jun 10, 2025 |
| CVE-2025-47169(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | Jun 10, 2025 |
| CVE-2025-47168(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | Jun 10, 2025 |
| CVE-2025-47167(opens NVD record) | High | 8.4 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | Jun 10, 2025 |
| CVE-2025-47166(opens NVD record) | High | 8.8 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | Jun 10, 2025 |
| CVE-2025-47165(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Jun 10, 2025 |
| CVE-2025-47164(opens NVD record) | High | 8.4 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Jun 10, 2025 |
| CVE-2025-47163(opens NVD record) | High | 8.8 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | Jun 10, 2025 |
| CVE-2025-47162(opens NVD record) | High | 8.4 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | Jun 10, 2025 |
| CVE-2025-47160(opens NVD record) | Medium | 5.4 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. | Jun 10, 2025 |
| CVE-2025-47106(opens NVD record) | Medium | 5.5 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jun 10, 2025 |
| CVE-2025-47105(opens NVD record) | Medium | 5.5 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jun 10, 2025 |
| CVE-2025-47104(opens NVD record) | Medium | 5.5 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jun 10, 2025 |
| CVE-2025-43593(opens NVD record) | High | 7.8 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jun 10, 2025 |
| CVE-2025-43590(opens NVD record) | High | 7.8 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jun 10, 2025 |
| CVE-2025-43589(opens NVD record) | High | 7.8 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jun 10, 2025 |
| CVE-2025-43558(opens NVD record) | High | 7.8 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jun 10, 2025 |
| CVE-2025-33112(opens NVD record) | High | 8.4 | IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input. | Jun 10, 2025 |
| CVE-2025-33075(opens NVD record) | High | 7.8 | Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. | Jun 10, 2025 |
| CVE-2025-33073(opens NVD record) | High | 8.8 | Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. | Jun 10, 2025 |
| CVE-2025-33071(opens NVD record) | High | 8.1 | Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. | Jun 10, 2025 |
| CVE-2025-33070(opens NVD record) | High | 8.1 | Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. | Jun 10, 2025 |
| CVE-2025-33069(opens NVD record) | Medium | 5.1 | Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally. | Jun 10, 2025 |
| CVE-2025-33068(opens NVD record) | High | 7.5 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | Jun 10, 2025 |
| CVE-2025-33067(opens NVD record) | High | 8.4 | Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally. | Jun 10, 2025 |
| CVE-2025-33066(opens NVD record) | High | 8.8 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | Jun 10, 2025 |
| CVE-2025-33065(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-33064(opens NVD record) | High | 8.8 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | Jun 10, 2025 |
| CVE-2025-33063(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-33062(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-33061(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-33060(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-33059(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-33058(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-33057(opens NVD record) | Medium | 6.5 | Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. | Jun 10, 2025 |
| CVE-2025-33056(opens NVD record) | High | 7.5 | Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network. | Jun 10, 2025 |
| CVE-2025-33055(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-33053(opens NVD record) | High | 8.8 | External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network. | Jun 10, 2025 |
| CVE-2025-33052(opens NVD record) | Medium | 5.5 | Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-33050(opens NVD record) | High | 7.5 | Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | Jun 10, 2025 |
| CVE-2025-32725(opens NVD record) | High | 7.5 | Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | Jun 10, 2025 |
| CVE-2025-32724(opens NVD record) | High | 7.5 | Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | Jun 10, 2025 |
| CVE-2025-32722(opens NVD record) | Medium | 5.5 | Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-32721(opens NVD record) | High | 7.3 | Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally. | Jun 10, 2025 |
| CVE-2025-32720(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-32719(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | Jun 10, 2025 |
| CVE-2025-32718(opens NVD record) | High | 7.8 | Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally. | Jun 10, 2025 |
| CVE-2025-32716(opens NVD record) | High | 7.8 | Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally. | Jun 10, 2025 |
| CVE-2025-32715(opens NVD record) | Medium | 6.5 | Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. | Jun 10, 2025 |
| CVE-2025-32714(opens NVD record) | High | 7.8 | Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally. | Jun 10, 2025 |