Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-21355
CVE-2025-21355: Microsoft Bing Remote Code Execution Vulnerability
Description: CVE-2025-21355: Microsoft Bing Remote Code Execution Vulnerability

CVSS: HIGH (8.6)

EPSS Score: 1.08%

Source: DarkWebInformer
February 19th, 2025 (about 2 months ago)

CVE-2025-25199
BCryptGenerateSymmetricKey memory leak
Description: go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation (CNG). Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to `cng.TLS1PRF` don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41 contains a fix for the issue. The fix is included in versions 1.23.6-2 and 1.22.12-2 of the Microsoft build of go, as well as in the pseudoversion 0.0.0-20250211154640-f49c8e1379ea of the `github.com/microsoft/go-crypto-winnative` Go package.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
February 13th, 2025 (2 months ago)

CVE-2025-24042
Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
Description: Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability

CVSS: HIGH (7.3)

EPSS Score: 0.04%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-24039
Visual Studio Code Elevation of Privilege Vulnerability
Description: Visual Studio Code Elevation of Privilege Vulnerability

CVSS: HIGH (7.3)

EPSS Score: 0.04%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-24036
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
Description: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

CVSS: HIGH (7.0)

EPSS Score: 0.05%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-21420
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
Description: Windows Disk Cleanup Tool Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.15%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-21419
Windows Setup Files Cleanup Elevation of Privilege Vulnerability
Description: Windows Setup Files Cleanup Elevation of Privilege Vulnerability

CVSS: HIGH (7.1)

EPSS Score: 0.05%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-21418
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
🚨 Marked as known exploited on February 11th, 2025 (2 months ago).
Description: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-21414
Windows Core Messaging Elevation of Privileges Vulnerability
Description: Windows Core Messaging Elevation of Privileges Vulnerability

CVSS: HIGH (7.0)

EPSS Score: 0.05%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-21410
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Description: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.13%

Source: CVE
February 12th, 2025 (2 months ago)