Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32164
WordPress m1.DownloadList plugin <= 0.21 - Sensitive Data Exposure vulnerability
Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in maennchen1.de m1.DownloadList. This issue affects m1.DownloadList: from n/a through 0.21.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-29821
Microsoft Dynamics Business Central Information Disclosure Vulnerability
Description: Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally.

CVSS: MEDIUM (5.5)

EPSS Score: 0.06%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-29819
Windows Admin Center in Azure Portal Information Disclosure Vulnerability
Description: External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.

CVSS: MEDIUM (6.2)

EPSS Score: 0.07%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-29808
Windows Cryptographic Services Information Disclosure Vulnerability
Description: Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.

CVSS: MEDIUM (5.5)

EPSS Score: 0.02%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27742
NTFS Information Disclosure Vulnerability
Description: Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally.

CVSS: MEDIUM (5.5)

EPSS Score: 0.05%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27738
Windows Resilient File System (ReFS) Information Disclosure Vulnerability
Description: Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.

CVSS: MEDIUM (6.5)

EPSS Score: 0.09%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27736
Windows Power Dependency Coordinator Information Disclosure Vulnerability
Description: Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.

CVSS: MEDIUM (5.5)

EPSS Score: 0.04%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27735
Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
Description: Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

CVSS: MEDIUM (6.0)

EPSS Score: 0.03%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27474
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Description: Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVSS: MEDIUM (6.5)

EPSS Score: 0.17%

Source: CVE
April 8th, 2025 (14 days ago)

CVE-2025-27472
Windows Mark of the Web Security Feature Bypass Vulnerability
Description: Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.

CVSS: MEDIUM (5.4)

EPSS Score: 0.1%

Source: CVE
April 8th, 2025 (14 days ago)