Security Vulnerabilities - CVEs Published In March 2025
CVE-2025-24985
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
Known exploited
CVSS Score
7.8
EPSS Score
0.009
Published
2025-03-11
Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-03-11
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
CVSS Score
6.6
EPSS Score
0.001
Published
2025-03-11
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-03-11
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-03-11
Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.
CVSS Score
8.4
EPSS Score
0.003
Published
2025-03-11
CVE-2025-24983
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
Known exploited
CVSS Score
7.0
EPSS Score
0.009
Published
2025-03-11
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-03-11
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-03-11
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-03-11