Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Posted by hyp3rlinx on Apr 26[-] Microsoft ".library-ms" File / NTLM Information Disclosure
Spoofing (Resurrected 2025) / CVE-2025-24054
[+] John Page (aka hyp3rlinx)
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec
Back in 2018, I reported a ".library-ms" File NTLM information
disclosure vulnerability to MSRC and was told "it was not severe
enough", that being said I post it anyways. Seven years passed, until
other researchers re-reported it....
CVSS: MEDIUM (6.5)
April 27th, 2025 (about 1 month ago)
|
|
🚨 Marked as known exploited on April 18th, 2025 (about 2 months ago).
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild.
The vulnerability, assigned the CVE identifier CVE-2025-24054 (CVSS score: 6.5), is a Windows New Technology LAN Manager (NTLM) hash disclosure
CVSS: MEDIUM (6.5)
April 18th, 2025 (about 2 months ago)
|
CVE-2025-24054 |
Description: Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.
CVSS: MEDIUM (6.5)
April 17th, 2025 (about 2 months ago)
|
|
CVE-2025-29817 |
Description: Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.
CVSS: MEDIUM (5.7) EPSS Score: 0.08%
April 15th, 2025 (about 2 months ago)
|
|
CVE-2025-32726 |
Description: Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.
CVSS: MEDIUM (6.8) EPSS Score: 0.05%
April 12th, 2025 (about 2 months ago)
|
|
CVE-2025-0539 |
Description: In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending server-side requests that contain authentication material allowing a suitably positioned attacker to compromise the account running Octopus Server and potentially the host infrastructure itself.
CVSS: MEDIUM (5.9) EPSS Score: 0.05%
April 10th, 2025 (about 2 months ago)
|
|
Description: Impact
What kind of vulnerability is it? Who is impacted?
Description: This vulnerability affects confidential client applications, including daemons, web apps, and web APIs. Under specific circumstances, sensitive information such as client secrets or certificate details may be exposed in the service logs of these applications. Service logs are intended to be handled securely.
Impact: The vulnerability impacts service logs that meet the following criteria:
Logging Level: Logs are generated at the information level.
Credential Descriptions: containing:
Local file paths with passwords.
Base64 encoded values.
Client secret.
Additionally, logs of services using Base64 encoded certificates or certificate paths with password credential descriptions are also affected if the certificates are invalid or expired, regardless of the log level. Note that these credentials are not usable due to their invalid or expired status.
If your service logs are handled securely, you are not impacted.
Otherwise, the following table shows when you can be impacted
 | Log Level Information for Microsoft.Identity.Web | Invalid Certificate
-- | -- | --
One of the ClientCredentials credential description has a CredentialSource = Base64Encoded or (CredentialSource = Path) | Impacted | Impacted
One of the ClientCredentials credential description is a Client secret (CredentialSource = ClientSecret) | Impacted | Not impacted
Other credential descriptions | Not Impacted | Not Impacted
Patches
Has the...
CVSS: MEDIUM (4.7) EPSS Score: 0.01%
April 9th, 2025 (about 2 months ago)
|
|
|
Description: Impact
What kind of vulnerability is it? Who is impacted?
Description: This vulnerability affects confidential client applications, including daemons, web apps, and web APIs. Under specific circumstances, sensitive information such as client secrets or certificate details may be exposed in the service logs of these applications. Service logs are intended to be handled securely.
Impact: The vulnerability impacts service logs that meet the following criteria:
Logging Level: Logs are generated at the information level.
Credential Descriptions: containing:
Local file paths with passwords.
Base64 encoded values.
Client secret.
Additionally, logs of services using Base64 encoded certificates or certificate paths with password credential descriptions are also affected if the certificates are invalid or expired, regardless of the log level. Note that these credentials are not usable due to their invalid or expired status.
If your service logs are handled securely, you are not impacted.
Otherwise, the following table shows when you can be impacted
 | Log Level Information for Microsoft.Identity.Web | Invalid Certificate
-- | -- | --
One of the ClientCredentials credential description has a CredentialSource = Base64Encoded or (CredentialSource = Path) | Impacted | Impacted
One of the ClientCredentials credential description is a Client secret (CredentialSource = ClientSecret) | Impacted | Not impacted
Other credential descriptions | Not Impacted | Not Impacted
Patches
Has the...
CVSS: MEDIUM (4.7) EPSS Score: 0.01%
April 9th, 2025 (about 2 months ago)
|
|
CVE-2025-32374 |
Description: DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Possible denial of service with specially crafted information in the public registration form. This vulnerability is fixed in 9.13.8.
CVSS: MEDIUM (5.9) EPSS Score: 0.05% SSVC Exploitation: none
April 9th, 2025 (about 2 months ago)
|
|
CVE-2025-32373 |
Description: DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In limited configurations, registered users may be able to craft a request to enumerate/access some portal files they should not have access to. This vulnerability is fixed in 9.13.8.
CVSS: MEDIUM (6.5) EPSS Score: 0.03% SSVC Exploitation: none
April 9th, 2025 (about 2 months ago)
|