Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
🚨 Marked as known exploited on May 14th, 2025 (19 days ago).
Description: Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild.
Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 of them
May 14th, 2025 (19 days ago)
|
|
🚨 Marked as known exploited on May 13th, 2025 (20 days ago).
Description: Microsoft has released its monthly security update for May of 2025 which includes 78 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”. Microsoft noted five vulnerabilities that have been observed to be exploited in the wild. CVE-2025-30397 is a remote code
CVSS: HIGH (7.5) EPSS Score: 10.87%
May 13th, 2025 (20 days ago)
|
|
🚨 Marked as known exploited on May 13th, 2025 (20 days ago).
Description: 5Critical66Important0Moderate0LowMicrosoft addresses 71 CVEs including seven zero-days, five of which were exploited in the wild.Microsoft patched 71 CVEs in its May 2025 Patch Tuesday release, with five rated critical and 66 rated as important.This month’s update includes patches for:.NET, Visual Studio, and Build Tools for Visual StudioActive Directory Certificate Services (AD CS)AzureAzure AutomationAzure DevOpsAzure File SyncAzure Storage Resource ProviderMicrosoft Brokering File SystemMicrosoft DataverseMicrosoft Defender for EndpointMicrosoft Defender for IdentityMicrosoft Edge (Chromium-based)Microsoft OfficeMicrosoft Office ExcelMicrosoft Office OutlookMicrosoft Office PowerPointMicrosoft Office SharePointMicrosoft PC ManagerMicrosoft Power AppsMicrosoft Scripting EngineRemote Desktop Gateway ServiceRole: Windows Hyper-VUniversal Print Management ServiceUrlMonVisual StudioVisual Studio CodeWeb Threat Defense (WTD.sys)Windows Ancillary Function Driver for WinSockWindows Common Log File System DriverWindows Deployment ServicesWindows DriversWindows DWMWindows File ServerWindows FundamentalsWindows Hardware Lab KitWindows InstallerWindows KernelWindows LDAP - Lightweight Directory Access ProtocolWindows MediaWindows NTFSWindows Remote DesktopWindows Routing and Remote Access Service (RRAS)Windows Secure Kernel ModeWindows SMBWindows Trusted Runtime Interface DriverWindows Virtual Machine BusWindows Win32K - GRFXRemote code execution (RCE) vulnerabilities accounted for...
CVSS: HIGH (7.8) EPSS Score: 3.71%
May 13th, 2025 (20 days ago)
|
|
🚨 Marked as known exploited on May 13th, 2025 (20 days ago).
Description: Microsoft's Patch Tuesday for May 2025 addresses 78 vulnerabilities across its product suite, including five zero-day vulnerabilities that are already being exploited in the wild. The Windows 11 cumulative update KB5058411 (Build 26100.4061) brings critical fixes for elevation-of-privilege and remote code execution flaws impacting core Windows components. The update was released on May 13, 2025, …
The post Microsoft Patches Five Actively Exploited Flaws in May 2025 Windows 11 Update appeared first on CyberInsider.
May 13th, 2025 (20 days ago)
|
|
🚨 Marked as known exploited on May 13th, 2025 (20 days ago).
Description: Today is Microsoft's May 2025 Patch Tuesday, which includes security updates for 72 flaws, including five actively exploited and two publicly disclosed zero-day vulnerabilities. [...]
May 13th, 2025 (20 days ago)
|
CVE-2025-32709 |
🚨 Marked as known exploited on May 13th, 2025 (20 days ago).
Description: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.8) EPSS Score: 3.75%
May 13th, 2025 (20 days ago)
|
|
CVE-2025-32706 |
🚨 Marked as known exploited on May 13th, 2025 (20 days ago).
Description: Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.8) EPSS Score: 9.3%
May 13th, 2025 (20 days ago)
|
|
CVE-2025-32701 |
🚨 Marked as known exploited on May 13th, 2025 (20 days ago).
Description: Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.8) EPSS Score: 3.71%
May 13th, 2025 (20 days ago)
|
|
CVE-2025-30400 |
🚨 Marked as known exploited on May 13th, 2025 (20 days ago).
Description: Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.8) EPSS Score: 3.71%
May 13th, 2025 (20 days ago)
|
|
CVE-2025-30397 |
🚨 Marked as known exploited on May 13th, 2025 (20 days ago).
Description: Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
CVSS: HIGH (7.5) EPSS Score: 10.87%
May 13th, 2025 (20 days ago)
|