mscve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7	MS:CVE-2025-13699	MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability_MS:CVE-2025-13699 {“lastseen”:”2025-12-30T09:44:22″,”description”:””,”published”:”2025-12-27T01:01:...	N/A	N/A	Dec 27, 2025	MSCVE
HIGH 7.5	MS:CVE-2025-12105	Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion_MS:CVE-2025-12105 {“lastseen”:”2025-12-24T09:39:04″,”description”:””,”published”:”2025-12-21T01:01:...	N/A	N/A	Dec 21, 2025	MSCVE
HIGH 8.2	MS:CVE-2025-64677	Office Out-of-Box Experience Spoofing Vulnerability_MS:CVE-2025-64677 Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacke...	N/A	N/A	Dec 18, 2025	MSCVE
CRITICAL 10	MS:CVE-2025-65037	Azure Container Apps Remote Code Execution Vulnerability_MS:CVE-2025-65037 Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.	N/A	N/A	Dec 18, 2025	MSCVE
HIGH 8.3	MS:CVE-2025-64675	Azure Cosmos DB Spoofing Vulnerability_MS:CVE-2025-64675 Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform ...	N/A	N/A	Dec 18, 2025	MSCVE
HIGH 7.2	MS:CVE-2025-64676	Microsoft Purview eDiscovery Remote Code Execution Vulnerability_MS:CVE-2025-64676 '.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.	N/A	N/A	Dec 18, 2025	MSCVE
LOW 3.1	MS:CVE-2025-65046	Microsoft Edge (Chromium-based) Spoofing Vulnerability_MS:CVE-2025-65046 {“lastseen”:”2025-12-18T23:36:40″,”description”:””,”published”:”2025-12-18T08:00:...	N/A	N/A	Dec 18, 2025	MSCVE
CRITICAL 9.9	MS:CVE-2025-64663	Custom Question Answering Elevation of Privilege Vulnerability_MS:CVE-2025-64663 {“lastseen”:”2025-12-18T23:36:40″,”description”:””,”published”:”2025-12-18T08:00:...	N/A	N/A	Dec 18, 2025	MSCVE
CRITICAL 10	MS:CVE-2025-65041	Microsoft Partner Center Elevation of Privilege Vulnerability_MS:CVE-2025-65041 Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.	N/A	N/A	Dec 18, 2025	MSCVE
HIGH 8.8	MS:CVE-2025-14765	Chromium: CVE-2025-14765 Out of bounds read and write in V8_MS:CVE-2025-14765 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Dec 18, 2025	MSCVE