CVE-2025-47957 – Microsoft Office Word Use-After-Free Remote Code Execution Vulnerability

June 11, 2025

CVE ID : CVE-2025-47957

Published : June 10, 2025, 5:24 p.m. | 18 hours, 50 minutes ago

Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Severity: 8.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5969 – D-Link DIR-632 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

Next Article CVE-2025-47953 – Microsoft Office Use After Free Remote Code Execution Vulnerability

Highlights

CVE-2025-42970 – SAPCAR Directory Traversal Vulnerability

July 7, 2025

CVE ID : CVE-2025-42970

Published : July 8, 2025, 1:15 a.m. | 35 minutes ago

Description : SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an attacker could craft a malicious SAPCAR archive containing directory traversal sequences. When a high privileged victim extracts this malicious archive, it is then processed by SAPCAR on their system, causing files to be extracted outside the intended directory and overwriting files in arbitrary locations. This vulnerability has a high impact on the integrity and availability of the application with no impact on confidentiality.

Severity: 5.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2025-47957 – Microsoft Office Word Use-After-Free Remote Code Execution Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-53605 – Google Protobuf Rust Crate Uncontrolled Recursion Vulnerability

How to Build a Custom MCP Server with TypeScript – A Handbook for Developers

Malicious extensions can use ChatGPT to steal your personal data – here’s how

Fldigi – modem program for most of the digital modes used by radio amateurs

CVE-2025-42970 – SAPCAR Directory Traversal Vulnerability

CVE-2025-47665 – Bistromatic N360 Splash Screen Stored Cross-site Scripting Vulnerability

CVE-2025-5504 – TOTOLINK X2000R Command Injection Vulnerability

AI Agent Examples: Transforming Technology

CVE-2025-47957 – Microsoft Office Word Use-After-Free Remote Code Execution Vulnerability

Related Posts