CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-29978	Microsoft PowerPoint Remote Code Execution Vulnerability Description: Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. CVSS: HIGH (7.8) EPSS Score: 0.06% Source: CVE May 13th, 2025 (about 1 month ago)
CVE-2025-29977	Microsoft Excel Remote Code Execution Vulnerability Description: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVSS: HIGH (7.8) EPSS Score: 0.06% Source: CVE May 13th, 2025 (about 1 month ago)
CVE-2025-29976	Microsoft SharePoint Server Elevation of Privilege Vulnerability Description: Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally. CVSS: HIGH (7.8) EPSS Score: 0.05% Source: CVE May 13th, 2025 (about 1 month ago)
CVE-2025-29975	Microsoft PC Manager Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. CVSS: HIGH (7.8) EPSS Score: 0.06% Source: CVE May 13th, 2025 (about 1 month ago)
CVE-2025-29973	Microsoft Azure File Sync Elevation of Privilege Vulnerability Description: Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally. CVSS: HIGH (7.0) EPSS Score: 0.04% Source: CVE May 13th, 2025 (about 1 month ago)
CVE-2025-29971	Web Threat Defense (WTD.sys) Denial of Service Vulnerability Description: Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network. CVSS: HIGH (7.5) EPSS Score: 0.14% Source: CVE May 13th, 2025 (about 1 month ago)
CVE-2025-29970	Microsoft Brokering File System Elevation of Privilege Vulnerability Description: Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. CVSS: HIGH (7.8) EPSS Score: 0.05% Source: CVE May 13th, 2025 (about 1 month ago)
CVE-2025-29969	MS-EVEN RPC Remote Code Execution Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network. CVSS: HIGH (7.5) EPSS Score: 0.06% Source: CVE May 13th, 2025 (about 1 month ago)
CVE-2025-29967	Remote Desktop Client Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. CVSS: HIGH (8.8) EPSS Score: 0.13% Source: CVE May 13th, 2025 (about 1 month ago)
CVE-2025-29966	Remote Desktop Client Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network. CVSS: HIGH (8.8) EPSS Score: 0.13% Source: CVE May 13th, 2025 (about 1 month ago)