Threat and Vulnerability Intelligence Database

CVE-2025-21184

Description: Windows Core Messaging Elevation of Privileges Vulnerability

CVSS: HIGH (7.0)

EPSS Score: 0.05%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-21183

Description: Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability

CVSS: HIGH (7.4)

EPSS Score: 0.05%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-21182

Description: Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability

CVSS: HIGH (7.4)

EPSS Score: 0.05%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2025-21181

Description: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
February 12th, 2025 (2 months ago)

CVE-2024-40891

Description: CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-40891 Zyxel DSL CPE OS Command Injection Vulnerability; CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability; CVE-2025-21418 Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability; CVE-2025-21391 Microsoft Windows Storage Link Following Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CVSS: HIGH (8.8)

EPSS Score: 4.13%

Source: All CISA Advisories
February 11th, 2025 (2 months ago)

CVE-2025-21418

Description: 3 Critical, 52 Important, 0 Moderate, 0 Low. Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild. Microsoft patched 55 CVEs in its February 2025 Patch Tuesday release, with three rated critical and 52 rated as important. Our counts omitted one vulnerability reported by HackerOne. This month’s update includes patches for: Active Directory Domain Services, Azure Active Directory, Azure Firmware, Azure Network Watcher, Microsoft AutoUpdate (MAU), Microsoft Digest Authentication, Microsoft High Performance Compute Pack (HPC) Linux Node Agent, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft Streaming Service, Microsoft Surface, Microsoft Windows, Outlook for Android, Visual Studio, Visual Studio Code, Windows Ancillary Function Driver for WinSock, Windows CoreMessaging, Windows DHCP Client, Windows DHCP Server, Windows DWM Core Library, Windows Disk Cleanup Tool, Windows Installer, Windows Internet Connection Sharing (ICS), Windows Kerberos, Windows Kernel, Windows LDAP - Lightweight Directory Access Protocol, Windows Message Queuing, Windows NTLM, Windows Remote Desktop Services, Windows Resilient File System (ReFS) Deduplication Service, Windows Routing and Remote Access Service (RRAS), Windows Setup Files Cleanup, Windows Storage, Windows Telephony Server, Windows Telephony Service, Windows Update Stack, Windows Win32 Kernel Subsystem. Remote code execution (RCE) vulnerabilities accounted for 38.2% of the vulnerabilities patched t...

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: Tenable Blog
February 11th, 2025 (2 months ago)

CVE-2025-21391

Description: Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.

CVSS: HIGH (7.1)

EPSS Score: 0.09%

Source: CISA KEV
February 11th, 2025 (2 months ago)

CVE-2025-21418

Description: Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CISA KEV
February 11th, 2025 (2 months ago)

CVE-2025-0994

Description: CISA is collaborating with private industry partners to respond to reports of exploitation of a vulnerability (CVE-2025-0994) discovered by Trimble impacting its Cityworks Server AMS (Asset Management System). Trimble has released security updates and an advisory addressing a recently discovered deserialization vulnerability enabling an external actor to potentially conduct remote code execution (RCE) against a customer’s Microsoft Internet Information Services (IIS) web server. CISA has added CVE-2025-0994 to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CISA strongly encourages users and administrators to search for indicators of compromise (IOCs) and apply the necessary updates and workarounds. Review the following article for more information: Trimble Advisory and IOCs for Vulnerability Affecting Cityworks Deployments. The Symantec Threat Hunter team, part of Broadcom, contributed to this guidance.

CVSS: HIGH (8.6)

EPSS Score: 1.32%

Source: All CISA Advisories
February 7th, 2025 (2 months ago)

CVE-2025-0994

Description: Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.

CVSS: HIGH (8.6)

EPSS Score: 1.32%

Source: CISA KEV
February 7th, 2025 (2 months ago)