admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-08 18:00:46 +00:00
parent 9a3798d4ea
commit d29412da77
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
35 changed files with 4218 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

103
2025/27xxx/CVE-2025-27182.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27182",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "After Effects",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27183.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27183",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "After Effects",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27184.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27184",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "After Effects",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27185.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27185",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "After Effects versions 25.1, 24.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "After Effects",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27186.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27186",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "After Effects",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27187.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27187",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "After Effects",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27193.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27193",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Bridge versions 14.1.5, 15.0.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "Bridge",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "15.0.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/bridge/apsb25-25.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/bridge/apsb25-25.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27194.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27194",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Media Encoder versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "Media Encoder",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/media-encoder/apsb25-24.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/media-encoder/apsb25-24.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27195.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "Media Encoder",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/media-encoder/apsb25-24.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/media-encoder/apsb25-24.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27196.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Premiere Pro versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "Premiere Pro",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/premiere_pro/apsb25-28.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/premiere_pro/apsb25-28.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27198.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Photoshop Desktop versions 25.12.1, 26.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "Photoshop Desktop",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "26.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/photoshop/apsb25-30.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/photoshop/apsb25-30.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

103
2025/27xxx/CVE-2025-27204.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27204",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "After Effects",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "24.6.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

147
2025/27xxx/CVE-2025-27751.json
View File

@ -1,17 +1,156 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27751",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Office Online Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "16.0.10417.20003"
}
]
}
},
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Excel 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0.0",
"version_value": "16.0.5495.1000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27751",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27751"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

135
2025/27xxx/CVE-2025-27752.json
View File

@ -1,17 +1,144 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-27752",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5495.1002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27752",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27752"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

135
2025/29xxx/CVE-2025-29791.json
View File

@ -1,17 +1,144 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29791",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')",
"cweId": "CWE-843"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5495.1002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29791",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29791"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

113
2025/29xxx/CVE-2025-29792.json
View File

@ -1,17 +1,122 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29792",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5495.1002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29792",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29792"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

89
2025/29xxx/CVE-2025-29793.json
View File

@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29793",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502: Deserialization of Untrusted Data",
"cweId": "CWE-502"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SharePoint Enterprise Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5495.1002"
}
]
}
},
{
"product_name": "Microsoft SharePoint Server 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.10417.20003"
}
]
}
},
{
"product_name": "Microsoft SharePoint Server Subscription Edition",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.18526.20172"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29793",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29793"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

89
2025/29xxx/CVE-2025-29794.json
View File

@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29794",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization",
"cweId": "CWE-285"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SharePoint Enterprise Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5495.1002"
}
]
}
},
{
"product_name": "Microsoft SharePoint Server 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.10417.20003"
}
]
}
},
{
"product_name": "Microsoft SharePoint Server Subscription Edition",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.18526.20172"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29794",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29794"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

65
2025/29xxx/CVE-2025-29800.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29800",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management",
"cweId": "CWE-269"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft AutoUpdate for Mac",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.78"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29800",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29800"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

65
2025/29xxx/CVE-2025-29801.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29801",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276: Incorrect Default Permissions",
"cweId": "CWE-276"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft AutoUpdate for Mac",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.78"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29801",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29801"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

89
2025/29xxx/CVE-2025-29802.json
View File

@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29802",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427: Uncontrolled Search Path Element",
"cweId": "CWE-427"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Visual Studio 2022 version 17.8",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.8.0",
"version_value": "17.8.20"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.10",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.10",
"version_value": "17.10.13"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.12",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.0",
"version_value": "17.12.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29802",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29802"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

101
2025/29xxx/CVE-2025-29804.json
View File

@ -1,17 +1,110 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29804",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Visual Studio 2022 version 17.13",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.10",
"version_value": "17.13.6"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.12",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.0",
"version_value": "17.12.7"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.8",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.8.0",
"version_value": "17.8.20"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.10",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.10",
"version_value": "17.10.13"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29804",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29804"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

65
2025/29xxx/CVE-2025-29805.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29805",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Outlook for Android",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0",
"version_value": "4.2509.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29805",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29805"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"
}
]
}

65
2025/29xxx/CVE-2025-29808.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29808",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation",
"cweId": "CWE-1240"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows Server 2022",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.20348.0",
"version_value": "10.0.20348.3454"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29808",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29808"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "MEDIUM",
"baseScore": 5.5,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"
}
]
}

256
2025/29xxx/CVE-2025-29809.json
View File

@ -1,17 +1,265 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29809",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-922: Insecure Storage of Sensitive Information",
"cweId": "CWE-922"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows 10 Version 1809",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.17763.0",
"version_value": "10.0.17763.7137"
}
]
}
},
{
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.17763.0",
"version_value": "10.0.17763.7137"
}
]
}
},
{
"product_name": "Windows Server 2019 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.17763.0",
"version_value": "10.0.17763.7137"
}
]
}
},
{
"product_name": "Windows Server 2022",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.20348.0",
"version_value": "10.0.20348.3454"
}
]
}
},
{
"product_name": "Windows 10 Version 21H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.19043.0",
"version_value": "10.0.19044.5737"
}
]
}
},
{
"product_name": "Windows 11 version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22621.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows 10 Version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.19045.0",
"version_value": "10.0.19045.5737"
}
]
}
},
{
"product_name": "Windows Server 2025 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows 11 version 22H3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows 11 Version 23H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22631.5191"
}
]
}
},
{
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.25398.0",
"version_value": "10.0.25398.1551"
}
]
}
},
{
"product_name": "Windows 11 Version 24H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows Server 2025",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows 10 Version 1507",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Windows 10 Version 1607",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.14393.0",
"version_value": "10.0.14393.7970"
}
]
}
},
{
"product_name": "Windows Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.14393.0",
"version_value": "10.0.14393.7970"
}
]
}
},
{
"product_name": "Windows Server 2016 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.14393.0",
"version_value": "10.0.14393.7970"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29809",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29809"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.1,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RC:C"
}
]
}

364
2025/29xxx/CVE-2025-29810.json
View File

@ -1,17 +1,373 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29810",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows 10 Version 1809",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.17763.0",
"version_value": "10.0.17763.7137"
}
]
}
},
{
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.17763.0",
"version_value": "10.0.17763.7137"
}
]
}
},
{
"product_name": "Windows Server 2019 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.17763.0",
"version_value": "10.0.17763.7137"
}
]
}
},
{
"product_name": "Windows Server 2022",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.20348.0",
"version_value": "10.0.20348.3454"
}
]
}
},
{
"product_name": "Windows 10 Version 21H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.19043.0",
"version_value": "10.0.19044.5737"
}
]
}
},
{
"product_name": "Windows 11 version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22621.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows 10 Version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.19045.0",
"version_value": "10.0.19045.5737"
}
]
}
},
{
"product_name": "Windows Server 2025 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows 11 version 22H3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows 11 Version 23H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22631.5191"
}
]
}
},
{
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.25398.0",
"version_value": "10.0.25398.1551"
}
]
}
},
{
"product_name": "Windows 11 Version 24H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows Server 2025",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows 10 Version 1507",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Windows 10 Version 1607",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.14393.0",
"version_value": "10.0.14393.7970"
}
]
}
},
{
"product_name": "Windows Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.14393.0",
"version_value": "10.0.14393.7970"
}
]
}
},
{
"product_name": "Windows Server 2016 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.14393.0",
"version_value": "10.0.14393.7970"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.6003.0",
"version_value": "6.0.6003.23220"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.6003.0",
"version_value": "6.0.6003.23220"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.6003.0",
"version_value": "6.0.6003.23220"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.1.7601.0",
"version_value": "6.1.7601.27670"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.1.7601.0",
"version_value": "6.1.7601.27670"
}
]
}
},
{
"product_name": "Windows Server 2012",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.2.9200.0",
"version_value": "6.2.9200.25423"
}
]
}
},
{
"product_name": "Windows Server 2012 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.2.9200.0",
"version_value": "6.2.9200.25423"
}
]
}
},
{
"product_name": "Windows Server 2012 R2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.3.9600.0",
"version_value": "6.3.9600.22523"
}
]
}
},
{
"product_name": "Windows Server 2012 R2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.3.9600.0",
"version_value": "6.3.9600.22523"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29810",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29810"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

147
2025/29xxx/CVE-2025-29811.json
View File

@ -1,17 +1,156 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29811",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
},
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow",
"cweId": "CWE-122"
},
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows 11 version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22621.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows Server 2025 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows 11 version 22H3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows 11 Version 23H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22631.5191"
}
]
}
},
{
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.25398.0",
"version_value": "10.0.25398.1551"
}
]
}
},
{
"product_name": "Windows 11 Version 24H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows Server 2025",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29811",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29811"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

149
2025/29xxx/CVE-2025-29812.json
View File

@ -1,17 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29812",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-822: Untrusted Pointer Dereference",
"cweId": "CWE-822"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows Server 2022",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.20348.0",
"version_value": "10.0.20348.3454"
}
]
}
},
{
"product_name": "Windows 11 version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22621.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows Server 2025 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows 11 version 22H3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows 11 Version 23H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22631.5191"
}
]
}
},
{
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.25398.0",
"version_value": "10.0.25398.1551"
}
]
}
},
{
"product_name": "Windows 11 Version 24H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows Server 2025",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29812",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29812"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

147
2025/29xxx/CVE-2025-29816.json
View File

@ -1,17 +1,156 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29816",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data",
"cweId": "CWE-349"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5495.1002"
}
]
}
},
{
"product_name": "Microsoft Word 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "16.0.5495.1002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29816",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29816"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

77
2025/29xxx/CVE-2025-29819.json
View File

@ -1,17 +1,86 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29819",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-73: External Control of File Name or Path",
"cweId": "CWE-73"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows Admin Center in Azure Portal",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0",
"version_value": "0.45.0.0"
}
]
}
},
{
"product_name": "Windows Admin Center",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1809.0",
"version_value": "2.4.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "MEDIUM",
"baseScore": 6.2,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"
}
]
}

147
2025/29xxx/CVE-2025-29820.json
View File

@ -1,17 +1,156 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29820",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft SharePoint Enterprise Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5495.1002"
}
]
}
},
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5495.1002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29820",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29820"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

101
2025/29xxx/CVE-2025-29821.json
View File

@ -1,17 +1,110 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29821",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Dynamics 365 Business Central 2024 Wave 1 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "24.0",
"version_value": "24.12.32447.0"
}
]
}
},
{
"product_name": "Microsoft Dynamics 365 Business Central 2023 Wave 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "23.0",
"version_value": "23.18.32409"
}
]
}
},
{
"product_name": "Microsoft Dynamics 365 Business Central 2024 Wave 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "25.0",
"version_value": "25.6.32556"
}
]
}
},
{
"product_name": "Microsoft Dynamics 365 Business Central 2025 Wave 1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "26.0",
"version_value": "26.0.32481"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29821",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29821"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "MEDIUM",
"baseScore": 5.5,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"
}
]
}

147
2025/29xxx/CVE-2025-29822.json
View File

@ -1,17 +1,156 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29822",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-184: Incomplete List of Disallowed Inputs",
"cweId": "CWE-184"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Office 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2021",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft OneNote",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "16.96.25033028"
}
]
}
},
{
"product_name": "Microsoft Office LTSC 2024",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.0.0",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
},
{
"product_name": "Microsoft OneNote 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.0",
"version_value": "16.0.5495.1001"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2024",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Microsoft Office LTSC for Mac 2021",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29822",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29822"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

65
2025/29xxx/CVE-2025-29823.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29823",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft 365 Apps for Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0.1",
"version_value": "https://aka.ms/OfficeSecurityReleases"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29823",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29823"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
}
]
}

364
2025/29xxx/CVE-2025-29824.json
View File

@ -1,17 +1,373 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-29824",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows 10 Version 1809",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.17763.0",
"version_value": "10.0.17763.7137"
}
]
}
},
{
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.17763.0",
"version_value": "10.0.17763.7137"
}
]
}
},
{
"product_name": "Windows Server 2019 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.17763.0",
"version_value": "10.0.17763.7137"
}
]
}
},
{
"product_name": "Windows Server 2022",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.20348.0",
"version_value": "10.0.20348.3454"
}
]
}
},
{
"product_name": "Windows 10 Version 21H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.19043.0",
"version_value": "10.0.19044.5737"
}
]
}
},
{
"product_name": "Windows 11 version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22621.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows 10 Version 22H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.19045.0",
"version_value": "10.0.19045.5737"
}
]
}
},
{
"product_name": "Windows Server 2025 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows 11 version 22H3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22621.5191"
}
]
}
},
{
"product_name": "Windows 11 Version 23H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.22631.0",
"version_value": "10.0.22631.5191"
}
]
}
},
{
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.25398.0",
"version_value": "10.0.25398.1551"
}
]
}
},
{
"product_name": "Windows 11 Version 24H2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows Server 2025",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.26100.0",
"version_value": "10.0.26100.3775"
}
]
}
},
{
"product_name": "Windows 10 Version 1507",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Windows 10 Version 1607",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.14393.0",
"version_value": "10.0.14393.7970"
}
]
}
},
{
"product_name": "Windows Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.14393.0",
"version_value": "10.0.14393.7970"
}
]
}
},
{
"product_name": "Windows Server 2016 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.14393.0",
"version_value": "10.0.14393.7970"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.6003.0",
"version_value": "6.0.6003.23220"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.6003.0",
"version_value": "6.0.6003.23220"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.6003.0",
"version_value": "6.0.6003.23220"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.1.7601.0",
"version_value": "6.1.7601.27670"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.1.7601.0",
"version_value": "6.1.7601.27670"
}
]
}
},
{
"product_name": "Windows Server 2012",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.2.9200.0",
"version_value": "6.2.9200.25423"
}
]
}
},
{
"product_name": "Windows Server 2012 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.2.9200.0",
"version_value": "6.2.9200.25423"
}
]
}
},
{
"product_name": "Windows Server 2012 R2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.3.9600.0",
"version_value": "6.3.9600.22523"
}
]
}
},
{
"product_name": "Windows Server 2012 R2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.3.9600.0",
"version_value": "6.3.9600.22523"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29824",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29824"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C"
}
]
}