CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-27171	InDesign Desktop \| Heap-based Buffer Overflow (CWE-122) Description: InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVSS: HIGH (7.8) EPSS Score: 0.02% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-27166	InDesign Desktop \| Out-of-bounds Write (CWE-787) Description: InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. CVSS: HIGH (7.8) EPSS Score: 0.03% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-26645	Remote Desktop Client Remote Code Execution Vulnerability Description: Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVSS: HIGH (8.8) EPSS Score: 0.07% SSVC Exploitation: none Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-26633	Microsoft Management Console Security Feature Bypass Vulnerability 🚨 Marked as known exploited on March 31st, 2025 (3 months ago). Description: Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. CVSS: HIGH (7.0) EPSS Score: 1.47% SSVC Exploitation: active Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-26631	Visual Studio Code Elevation of Privilege Vulnerability Description: Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally. CVSS: HIGH (7.3) EPSS Score: 0.12% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-26630	Microsoft Access Remote Code Execution Vulnerability Description: Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally. CVSS: HIGH (7.8) EPSS Score: 0.08% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-26629	Microsoft Office Remote Code Execution Vulnerability Description: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVSS: HIGH (7.8) EPSS Score: 0.08% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-26627	Azure Arc Installer Elevation of Privilege Vulnerability Description: Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally. CVSS: HIGH (7.0) EPSS Score: 0.04% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-25008	Windows Server Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally. CVSS: HIGH (7.1) EPSS Score: 0.06% Source: CVE March 11th, 2025 (4 months ago)
CVE-2025-25003	Visual Studio Elevation of Privilege Vulnerability Description: Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. CVSS: HIGH (7.3) EPSS Score: 0.12% Source: CVE March 11th, 2025 (4 months ago)