CVE-2025-47969 | Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally. | medium |
CVE-2025-47968 | Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | high |
CVE-2025-47962 | Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally. | high |
CVE-2025-47957 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47956 | External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally. | medium |
CVE-2025-47955 | Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. | high |
CVE-2025-47953 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47176 | '.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. | high |
CVE-2025-47175 | Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47174 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47173 | Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47172 | Improper neutralization of special elements used in an SQL command ('SQL injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | high |
CVE-2025-47171 | Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally. | medium |
CVE-2025-47170 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47169 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47168 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47167 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47166 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | high |
CVE-2025-47165 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47164 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47163 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | high |
CVE-2025-47162 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | high |
CVE-2025-47160 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. | medium |
CVE-2025-47108 | Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | high |
CVE-2025-47106 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | medium |
CVE-2025-47105 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | medium |
CVE-2025-47104 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | medium |
CVE-2025-43593 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | high |
CVE-2025-43590 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | high |
CVE-2025-43589 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | high |
CVE-2025-43558 | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | high |
CVE-2025-33112 | IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input. | high |
CVE-2025-33075 | Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. | high |
CVE-2025-33073 | Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. | high |
CVE-2025-33071 | Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. | high |
CVE-2025-33070 | Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. | high |
CVE-2025-33069 | Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally. | medium |
CVE-2025-33068 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | high |
CVE-2025-33067 | Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally. | high |
CVE-2025-33066 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
CVE-2025-33065 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | medium |
CVE-2025-33064 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | high |
CVE-2025-33063 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | medium |
CVE-2025-33062 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | medium |
CVE-2025-33061 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | medium |
CVE-2025-33060 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | medium |
CVE-2025-33059 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | medium |
CVE-2025-33058 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | medium |
CVE-2025-33057 | Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. | medium |
CVE-2025-33056 | Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network. | high |