CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24044 |
Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.8) EPSS Score: 0.05%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-24043 |
Description: Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.
CVSS: HIGH (7.5) EPSS Score: 0.03%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-24035 |
Description: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVSS: HIGH (8.1) EPSS Score: 0.2%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-21180 |
Description: Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 0.08%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-0151 |
Description: Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
CVSS: HIGH (8.5) EPSS Score: 0.04% SSVC Exploitation: none
March 11th, 2025 (4 months ago)
|
|
CVE-2025-0150 |
Description: Incorrect behavior order in some Zoom Workplace Apps for iOS before version 6.3.0 may allow an authenticated user to conduct a denial of service via network access.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 11th, 2025 (4 months ago)
|
|
Description: 6Critical50Important0Moderate0LowMicrosoft addresses 56 CVEs, including seven zero-day flaws, with six of those being exploited in the wild.Microsoft patched 56 CVEs in its March 2025 Patch Tuesday release, with six rated critical, and 50 rated as important.This month’s update includes patches for:.NETASP.NET Core & Visual StudioAzure Agent InstallerAzure ArcAzure CLIAzure PromptFlowKernel Streaming WOW Thunk Service DriverMicrosoft Local Security Authority Server (lsasrv)Microsoft Management ConsoleMicrosoft OfficeMicrosoft Office AccessMicrosoft Office ExcelMicrosoft Office WordMicrosoft Streaming ServiceMicrosoft WindowsRemote Desktop ClientRole: DNS ServerVisual StudioVisual Studio CodeWindows Common Log File System DriverWindows Cross Device ServiceWindows Fast FAT DriverWindows File ExplorerWindows Hyper-VWindows Kernel MemoryWindows Kernel-Mode DriversWindows MapUrlToZoneWindows Mark of the Web (MOTW)Windows NTFSWindows NTLMWindows Remote Desktop ServicesWindows Routing and Remote Access Service (RRAS)Windows Subsystem for LinuxWindows Telephony ServerWindows USB Video DriverWindows Win32 Kernel SubsystemWindows exFAT File SystemRemote code execution (RCE) vulnerabilities accounted for 41.1% of the vulnerabilities patched this month, followed by elevation of privilege (EoP) vulnerabilities at 39.3%.ImportantCVE-2025-26633 | Microsoft Management Console Security Feature Bypass VulnerabilityCVE-2025-26633 is a security feature bypass vulnerability in the Microsoft Man...
CVSS: HIGH (7.0) EPSS Score: 1.47%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-27172 |
Description: Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: HIGH (7.8) EPSS Score: 0.03%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-26634 |
Description: Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.
CVSS: HIGH (7.5) EPSS Score: 0.07%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-22213 |
Description: Inadequate checks in the Media Manager allowed users with "edit" privileges to change file extension to arbitrary extension, including .php and other potentially executable extensions.
CVSS: HIGH (7.1) EPSS Score: 0.05%
March 11th, 2025 (4 months ago)
|