mscve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	MS:CVE-2026-0628	Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag_MS:CVE-2026-0628 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jan 9, 2026	MSCVE
NONE	MS:CVE-2025-62224	Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability_MS:CVE-2025-62224 User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perform spoofing over ...	N/A	N/A	Jan 7, 2026	MSCVE
LOW 1.9	MS:CVE-2025-11961	OOBR and OOBW in pcap_ether_aton() in libpcap_MS:CVE-2025-11961 {“lastseen”:”2026-01-06T09:42:33″,”description”:””,”published”:”2026-01-03T01:01:...	N/A	N/A	Jan 3, 2026	MSCVE
LOW 1.9	MS:CVE-2025-11964	OOBW in utf_16le_to_utf_8_truncated() in libpcap_MS:CVE-2025-11964 {“lastseen”:”2026-01-06T09:42:33″,”description”:””,”published”:”2026-01-03T01:01:...	N/A	N/A	Jan 3, 2026	MSCVE
HIGH 7	MS:CVE-2025-13699	MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability_MS:CVE-2025-13699 {“lastseen”:”2025-12-30T09:44:22″,”description”:””,”published”:”2025-12-27T01:01:...	N/A	N/A	Dec 27, 2025	MSCVE
HIGH 7.5	MS:CVE-2025-12105	Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion_MS:CVE-2025-12105 {“lastseen”:”2025-12-24T09:39:04″,”description”:””,”published”:”2025-12-21T01:01:...	N/A	N/A	Dec 21, 2025	MSCVE
HIGH 8.2	MS:CVE-2025-64677	Office Out-of-Box Experience Spoofing Vulnerability_MS:CVE-2025-64677 Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacke...	N/A	N/A	Dec 18, 2025	MSCVE
CRITICAL 10	MS:CVE-2025-65037	Azure Container Apps Remote Code Execution Vulnerability_MS:CVE-2025-65037 Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.	N/A	N/A	Dec 18, 2025	MSCVE
HIGH 8.3	MS:CVE-2025-64675	Azure Cosmos DB Spoofing Vulnerability_MS:CVE-2025-64675 Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform ...	N/A	N/A	Dec 18, 2025	MSCVE
HIGH 7.2	MS:CVE-2025-64676	Microsoft Purview eDiscovery Remote Code Execution Vulnerability_MS:CVE-2025-64676 '.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.	N/A	N/A	Dec 18, 2025	MSCVE