CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-20032
Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to...
Description: Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access.

CVSS: HIGH (8.3)

EPSS Score: 0.02%

Source: CVE
May 13th, 2025 (about 1 month ago)

CVE-2025-20026
Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to...
Description: Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS: HIGH (7.0)

EPSS Score: 0.02%

Source: CVE
May 13th, 2025 (about 1 month ago)

CVE-2025-20018
Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via...
Description: Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS: HIGH (8.4)

EPSS Score: 0.01%

Source: CVE
May 13th, 2025 (about 1 month ago)

CVE-2025-20006
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially...
Description: Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS: HIGH (8.3)

EPSS Score: 0.02%

Source: CVE
May 13th, 2025 (about 1 month ago)

CVE-2025-20004
Insufficient control flow management in the Alias Checking Trusted Module for some Intel(R) Xeon(R) 6 processor E-Cores firmware may allow a...
Description: Insufficient control flow management in the Alias Checking Trusted Module for some Intel(R) Xeon(R) 6 processor E-Cores firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS: HIGH (8.5)

EPSS Score: 0.02%

Source: CVE
May 13th, 2025 (about 1 month ago)

CVE-2025-20003
Improper link resolution before file access ('Link Following') for some Intel(R) Graphics Driver software installers may allow an authenticated...
Description: Improper link resolution before file access ('Link Following') for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS: HIGH (7.3)

EPSS Score: 0.01%

Source: CVE
May 13th, 2025 (about 1 month ago)

CVE-2024-45333
Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated...
Description: Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via local access.

CVSS: HIGH (7.3)

EPSS Score: 0.01%

Source: CVE
May 13th, 2025 (about 1 month ago)

CVE-2024-36292
Improper buffer restrictions for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an...
Description: Improper buffer restrictions for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via local access.

CVSS: HIGH (7.3)

EPSS Score: 0.01%

Source: CVE
May 13th, 2025 (about 1 month ago)
[Microsoft.Build.Tasks.Core] Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability
Description: Microsoft Security Advisory CVE-2025-26646: .NET Spoofing Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0.xxx and .NET 8.0.xxx SDK. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability. A vulnerability exists in .NET SDK or MSBuild applications where external control of file name or path allows an unauthorized attacked to perform spoofing over a network. Discussion Discussion for this issue can be found at https://github.com/dotnet/msbuild/issues/11846 Mitigation factors Projects which do not utilize the DownloadFile build task are not susceptible to this vulnerability. Affected software Any installation of .NET 9.0.105 SDK, .NET 9.0.203 SDK or earlier. Any installation of .NET 8.0.115 SDK, .NET 8.0.311 SDK, .NET 8.0.408 SDK or earlier. Affected Packages The vulnerability affects any Microsoft .NET Core project if it uses any of affected packages versions listed below Package name Affected version Patched version Microsoft.Build.Tasks.Core >= 15.8.166, <=15.9.20>=16.0.461, <= 16.11.0>= 17.0.0, <= 17.8.3>= 17.9.5, <= 17.10.417.11.417.12.6 17.13.9 15.9.3016.11.617.8.2917.10.2917.12.3617.13.26 17.14.8 Advisory FAQ How do I know if I am affected? If you have a .NET SDK with a version listed, or an affected package listed in affected software or affected packages, you're exposed to the vulnerability. How do I fix ...

CVSS: HIGH (8.0)

EPSS Score: 0.03%

Source: Github Advisory Database (Nuget)
May 13th, 2025 (about 1 month ago)
Microsoft Patch Tuesday for May 2025 — Snort rules and prominent vulnerabilities
🚨 Marked as known exploited on May 13th, 2025 (about 1 month ago).
Description: Microsoft has released its monthly security update for May of 2025 which includes 78 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”.  Microsoft noted five vulnerabilities that have been observed to be exploited in the wild. CVE-2025-30397 is a remote code

CVSS: HIGH (7.5)

EPSS Score: 30.91%

Source: Cisco Talos Blog
May 13th, 2025 (about 1 month ago)