HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-60722

Feb 13, 2026 20:45:55 UTC

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network.

CVE-2025-60719

Feb 13, 2026 20:45:54 UTC

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2025-62216

Feb 13, 2026 20:45:54 UTC

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-62210

Feb 13, 2026 20:45:53 UTC

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.

CVE-2025-62206

Feb 13, 2026 20:45:52 UTC

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.

CVE-2025-62199

Feb 13, 2026 20:45:52 UTC

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-60728

Feb 13, 2026 20:45:51 UTC

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

CVE-2025-60727

Feb 13, 2026 20:45:51 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-60726

Feb 13, 2026 20:45:50 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2025-60709

Feb 13, 2026 20:45:50 UTC

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-60708

Feb 13, 2026 20:45:49 UTC

Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.

CVE-2025-60707

Feb 13, 2026 20:45:48 UTC

Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.

CVE-2025-60706

Feb 13, 2026 20:45:48 UTC

Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally.

CVE-2025-60705

Feb 13, 2026 20:45:47 UTC

Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.

CVE-2025-60704

Feb 13, 2026 20:45:46 UTC

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

Page: 162