CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29795 – Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29795
23 Mar 2025 — Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29795 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29806 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29806
23 Mar 2025 — No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29806 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 1CVE-2025-29814 – Microsoft Partner Center Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-29814
21 Mar 2025 — Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network. • https://github.com/SatiresHashi/CVE-2025-29814 • CWE-20: Improper Input Validation •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29807 – Microsoft Dataverse Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29807
21 Mar 2025 — Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29807 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24053 – Microsoft Dataverse Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24053
13 Mar 2025 — Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24053 • CWE-285: Improper Authorization •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2025-26645 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26645
11 Mar 2025 — Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26645 • CWE-23: Relative Path Traversal CWE-284: Improper Access Control •
CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-26633 – Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability
https://notcve.org/view.php?id=CVE-2025-26633
11 Mar 2025 — Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of MSC files. The product does not warn the user before loading an unexpected MSC file. An a... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26633 • CWE-707: Improper Neutralization •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26631 – Visual Studio Code Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-26631
11 Mar 2025 — Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26631 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-26630 – Microsoft Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26630
11 Mar 2025 — Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26630 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-26629 – Microsoft Office Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26629
11 Mar 2025 — Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26629 • CWE-416: Use After Free •