CyberAlerts

CVE-2025-24987

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

Description: Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

CVSS: MEDIUM (6.6)

EPSS Score: 0.07%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-24986

Azure Promptflow Remote Code Execution Vulnerability

Description: Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network.

CVSS: MEDIUM (6.5)

EPSS Score: 0.09%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-24984

Windows NTFS Information Disclosure Vulnerability

🚨 Marked as known exploited on March 11th, 2025 (3 months ago).

Description: Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

CVSS: MEDIUM (4.6)

EPSS Score: 19.24%

SSVC Exploitation: active

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-24055

Windows USB Video Class System Driver Information Disclosure Vulnerability

Description: Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack.

CVSS: MEDIUM (4.3)

EPSS Score: 0.05%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-24054

NTLM Hash Disclosure Spoofing Vulnerability

🚨 Marked as known exploited on April 17th, 2025 (about 2 months ago).

Description: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVSS: MEDIUM (6.5)

EPSS Score: 0.12%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-21247

MapUrlToZone Security Feature Bypass Vulnerability

Description: Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

CVSS: MEDIUM (4.3)

EPSS Score: 0.1%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-21199

Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability

Description: Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally.

CVSS: MEDIUM (6.7)

EPSS Score: 0.04%

Source: CVE

March 11th, 2025 (3 months ago)

CVE-2025-24984

Microsoft Windows NTFS Information Disclosure Vulnerability

Description: Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an authorized attacker to disclose information locally. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.

CVSS: MEDIUM (4.6)

EPSS Score: 19.24%

Source: CISA KEV

March 11th, 2025 (3 months ago)

CVE-2025-24991

Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability

Description: Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that could allow for information disclosure.

CVSS: MEDIUM (5.5)

EPSS Score: 2.97%

Source: CISA KEV

March 11th, 2025 (3 months ago)

CVE-2025-26643

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Description: No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVSS: MEDIUM (5.4)

EPSS Score: 0.07%

SSVC Exploitation: none

Source: CVE

March 7th, 2025 (3 months ago)

Threat and Vulnerability Intelligence Database

Example Searches: