CVE-2025-21380: Azure Marketplace SaaS Resources Information Disclosure Vulnerability

CVE-2025-21385: Microsoft Purview Information Disclosure Vulnerability

CVE-2024-12695: Chromium: CVE-2024-12695 Out of bounds write in V8

CVE-2024-12694: Chromium: CVE-2024-12694 Use after free in Compositing

CVE-2024-12693: Chromium: CVE-2024-12693 Out of bounds memory access in V8

**According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?**

Successful exploitation of this vulnerability requires the attacker must be an authenticated user on the network who is a member of the performance log users group.

Although this group defaults to only Administrators, it is possible for an Administrator to add other standard users to this group.

Headline

CVE-2023-36401: Microsoft Remote Registry Service Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News