Privacy Trust

on August 6, 2025 at 7:00 am — CVE-2025-53786 Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

On April 18th 2025, Microsoft announced [Exchange Server Security Changes for Hybrid Deployments](https://techcommunity.microsoft.com/blog/exchange/exchange-server-security-changes-for-hybrid-deployments/4396833) and accompanying non-security [Hot Fix](https://techcommunity.microsoft.com/blog/exchange/released-april-2025-exchange-server-hotfix-updates/4402471). Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation, Microsoft identified specific security implications tied to the guidance and configuration steps outlined in the April announcement. Microsoft […]

on August 6, 2025 at 7:00 am — CVE-2025-53786 Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability Read More »

on July 31, 2025 at 6:54 pm — Chromium: CVE-2025-8292 Use after free in Media Stream

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

on July 31, 2025 at 6:54 pm — Chromium: CVE-2025-8292 Use after free in Media Stream Read More »

on July 25, 2025 at 5:50 pm — Chromium: CVE-2025-8011 Type Confusion in V8

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

on July 25, 2025 at 5:50 pm — Chromium: CVE-2025-8011 Type Confusion in V8 Read More »

on July 25, 2025 at 5:50 pm — Chromium: CVE-2025-8010 Type Confusion in V8

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

on July 25, 2025 at 5:50 pm — Chromium: CVE-2025-8010 Type Confusion in V8 Read More »

on July 22, 2025 at 7:00 am — CVE-2025-29819 Windows Admin Center in Azure Portal Information Disclosure Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Updated acknowledgment. This is an informational change only.

on July 22, 2025 at 7:00 am — CVE-2025-29819 Windows Admin Center in Azure Portal Information Disclosure Vulnerability Read More »

on July 22, 2025 at 7:00 am — CVE-2022-44693 Microsoft SharePoint Server Remote Code Execution Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Updated the build numbers. This is an informational update only.

on July 22, 2025 at 7:00 am — CVE-2022-44693 Microsoft SharePoint Server Remote Code Execution Vulnerability Read More »

on July 21, 2025 at 8:33 pm — ToolShell: Details of CVEs Affecting SharePoint Servers

Leave a Comment / Uncategorized / Privacy Trust

Cisco Talos is aware of the ongoing exploitation of CVE-2025-53770 and CVE-2025-53771 in the wild. These are path traversal vulnerabilities affecting SharePoint Server Subscription Edition, SharePoint Server 2016, and SharePoint Server 2019. According to Microsoft, these vulnerabilities do not affect SharePoint Online in Microsoft 365 and only apply to on-premises SharePoint servers. Microsoft has also

on July 21, 2025 at 8:33 pm — ToolShell: Details of CVEs Affecting SharePoint Servers Read More »

on July 21, 2025 at 7:00 am — CVE-2025-49706 Microsoft SharePoint Server Spoofing Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Updated one or more CVSS scores for the affected products. This is an informational change only.

on July 21, 2025 at 7:00 am — CVE-2025-49706 Microsoft SharePoint Server Spoofing Vulnerability Read More »

on July 20, 2025 at 7:00 am — CVE-2025-53771 Microsoft SharePoint Server Spoofing Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Improper limitation of a pathname to a restricted directory (‘path traversal’) in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

on July 20, 2025 at 7:00 am — CVE-2025-53771 Microsoft SharePoint Server Spoofing Vulnerability Read More »

on July 20, 2025 at 7:00 am — CVE-2025-53770 Microsoft SharePoint Server Remote Code Execution Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

The security update is avaialble for Microsoft SharePoint Server Subscription Edition. Microsoft strongly encourages customers running this version of SharePoint to install this update as soon as possible.

on July 20, 2025 at 7:00 am — CVE-2025-53770 Microsoft SharePoint Server Remote Code Execution Vulnerability Read More »

Protecting Privacy Build Trust

Protecting Privacy Build Trust

Join Us in Building a Privacy-Centric Future

Solutions

Services

Contacts