Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2025-32705: Microsoft Outlook Remote Code Execution Vulnerability

Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.

Microsoft Security Response Center
#vulnerability#microsoft#rce#auth#Microsoft Office Outlook#Security Vulnerability
CVE-2025-29842: UrlMon Security Feature Bypass Vulnerability

No cwe for this issue in UrlMon allows an unauthorized attacker to bypass a security feature over a network.

CVE-2025-29837: Windows Installer Information Disclosure Vulnerability

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.

CVE-2025-29836: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?** An unauthorized attacker must wait for a user to initiate a connection.

CVE-2025-29841: Universal Print Management Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.