Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24046 |
Description: Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.8) EPSS Score: 0.05%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24045 |
Description: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVSS: HIGH (8.1) EPSS Score: 0.2%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24044 |
Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.8) EPSS Score: 0.05%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24043 |
Description: Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.
CVSS: HIGH (7.5) EPSS Score: 0.03%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24035 |
Description: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVSS: HIGH (8.1) EPSS Score: 0.2%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-21180 |
Description: Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 0.08%
March 11th, 2025 (about 1 month ago)
|
|
Description: 6Critical50Important0Moderate0LowMicrosoft addresses 56 CVEs, including seven zero-day flaws, with six of those being exploited in the wild.Microsoft patched 56 CVEs in its March 2025 Patch Tuesday release, with six rated critical, and 50 rated as important.This month’s update includes patches for:.NETASP.NET Core & Visual StudioAzure Agent InstallerAzure ArcAzure CLIAzure PromptFlowKernel Streaming WOW Thunk Service DriverMicrosoft Local Security Authority Server (lsasrv)Microsoft Management ConsoleMicrosoft OfficeMicrosoft Office AccessMicrosoft Office ExcelMicrosoft Office WordMicrosoft Streaming ServiceMicrosoft WindowsRemote Desktop ClientRole: DNS ServerVisual StudioVisual Studio CodeWindows Common Log File System DriverWindows Cross Device ServiceWindows Fast FAT DriverWindows File ExplorerWindows Hyper-VWindows Kernel MemoryWindows Kernel-Mode DriversWindows MapUrlToZoneWindows Mark of the Web (MOTW)Windows NTFSWindows NTLMWindows Remote Desktop ServicesWindows Routing and Remote Access Service (RRAS)Windows Subsystem for LinuxWindows Telephony ServerWindows USB Video DriverWindows Win32 Kernel SubsystemWindows exFAT File SystemRemote code execution (RCE) vulnerabilities accounted for 41.1% of the vulnerabilities patched this month, followed by elevation of privilege (EoP) vulnerabilities at 39.3%.ImportantCVE-2025-26633 | Microsoft Management Console Security Feature Bypass VulnerabilityCVE-2025-26633 is a security feature bypass vulnerability in the Microsoft Man...
CVSS: HIGH (7.0) EPSS Score: 1.47%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-26634 |
Description: Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.
CVSS: HIGH (7.5) EPSS Score: 0.07%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24983 |
Description: Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.0) EPSS Score: 1.91%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24985 |
Description: Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code with a physical attack.
CVSS: HIGH (7.8) EPSS Score: 9.81%
March 11th, 2025 (about 1 month ago)
|