CVE-2025-29807 - How Deserialization in Microsoft Dataverse Can Let Attackers Run Code Remotely
Summary:
On May 8, 2025, Microsoft disclosed CVE-2025-29807, a vulnerability caused by unsafe deserialization of untrusted data in Microsoft Dataverse. This flaw lets an authenticated
CVE-2025-29814 - Improper Authorization in Microsoft Partner Center Lets Attackers Elevate Privileges
CVE-2025-29814 is a new critical vulnerability found in Microsoft Partner Center. This flaw allows attackers who already have authorized access to the network to elevate
CVE-2025-23120 - Remote Code Execution Vulnerability Lets Domain Users Compromise Your Server
Update June 2024: A new critical vulnerability tracked as CVE-2025-23120 is making waves in the security community. This flaw allows remote code execution (RCE) for
CVE-2025-26125 - How an Exposed IOCTL in IObit Malware Fighter v12.1.’s IMFForceDelete Driver Allows Hackers to Delete Any File and Escalate Privileges
A serious security flaw known as CVE-2025-26125 has been found in the IMFForceDelete driver of IObit Malware Fighter v12.1.. This bug exposes a privileged
CVE-2025-26645 - Exploiting Relative Path Traversal in Remote Desktop Client for Remote Code Execution
A new high-severity vulnerability—CVE-2025-26645—has been discovered in popular Remote Desktop Client software. This flaw allows attackers anywhere on your network to execute arbitrary
Episode
00:00:00
00:00:00