Allgemein – Seite 447

[UPDATE] [mittel] Rockwell Automation ControlLogix: Schwachstelle ermöglicht Denial of Service

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Rockwell Automation ControlLogix ausnutzen, um einen Denial of Service Angriff durchzuführen.

CVE-2025-54102 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

CVE-2025-49734 PowerShell Direct Elevation of Privilege Vulnerability

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.

CVE-2025-54898 Microsoft Excel Remote Code Execution Vulnerability

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-54902 Microsoft Excel Remote Code Execution Vulnerability

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-54894 Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

Information published.

CVE-2025-54896 Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-54110 Windows Kernel Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2025-53796 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-55227 Microsoft SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command (‚command injection‘) in SQL Server allows an authorized attacker to elevate privileges over a network.

Kategorie: Allgemein