Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-27728
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Description: Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27727
Windows Installer Elevation of Privilege Vulnerability
Description: Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.12%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27492
Windows Secure Channel Elevation of Privilege Vulnerability
Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.0)

EPSS Score: 0.03%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27491
Windows Hyper-V Remote Code Execution Vulnerability
Description: Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.

CVSS: HIGH (7.1)

EPSS Score: 0.8%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27490
Windows Bluetooth Service Elevation of Privilege Vulnerability
Description: Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27489
Azure Local Elevation of Privilege Vulnerability
Description: Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.07%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27487
Remote Desktop Client Remote Code Execution Vulnerability
Description: Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.

CVSS: HIGH (8.0)

EPSS Score: 0.33%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27486
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
Description: Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

CVSS: HIGH (7.5)

EPSS Score: 1.59%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27485
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
Description: Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

CVSS: HIGH (7.5)

EPSS Score: 1.59%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27484
Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Description: Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
April 8th, 2025 (14 days ago)