Microsoft: Security Vulnerabilities
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
CVSS Score
6.8
EPSS Score
0.002
Published
2025-08-12
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-08-12
Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.
CVSS Score
7.9
EPSS Score
0.001
Published
2025-08-12
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-12
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-12
Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-08-12
Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-12
Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform tampering over a network.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-08-12
Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-08-12
Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
5.3
EPSS Score
0.002
Published
2025-08-12