CVE-2025-24993 |
๐จ Marked as known exploited on March 11th, 2025 (about 2 months ago).
Description: Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 4.05% SSVC Exploitation: active
March 11th, 2025 (about 2 months ago)
|
CVE-2025-24991 |
๐จ Marked as known exploited on March 11th, 2025 (about 2 months ago).
Description: Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
CVSS: MEDIUM (5.5) EPSS Score: 2.97% SSVC Exploitation: active
March 11th, 2025 (about 2 months ago)
|
CVE-2025-24985 |
๐จ Marked as known exploited on March 11th, 2025 (about 2 months ago).
Description: Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 9.81% SSVC Exploitation: active
March 11th, 2025 (about 2 months ago)
|
CVE-2025-24984 |
๐จ Marked as known exploited on March 11th, 2025 (about 2 months ago).
Description: Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
CVSS: MEDIUM (4.6) EPSS Score: 19.24% SSVC Exploitation: active
March 11th, 2025 (about 2 months ago)
|
CVE-2025-24983 |
๐จ Marked as known exploited on March 11th, 2025 (about 2 months ago).
Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.0) EPSS Score: 1.91% SSVC Exploitation: active
March 11th, 2025 (about 2 months ago)
|
CVE-2025-24054 |
๐จ Marked as known exploited on April 17th, 2025 (16 days ago).
Description: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVSS: MEDIUM (6.5) EPSS Score: 0.12%
March 11th, 2025 (about 2 months ago)
|
![]() |
๐จ Marked as known exploited on April 10th, 2025 (24 days ago).
Description: Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities. [...]
March 11th, 2025 (about 2 months ago)
|
CVE-2025-27363 |
๐จ Marked as known exploited on April 17th, 2025 (17 days ago).
Description: An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
CVSS: HIGH (8.1) EPSS Score: 5.37% SSVC Exploitation: none
March 11th, 2025 (about 2 months ago)
|
![]() |
๐จ Marked as known exploited on April 10th, 2025 (24 days ago).
Description: CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. [...]
March 11th, 2025 (about 2 months ago)
|
CVE-2025-24813 |
๐จ Marked as known exploited on March 17th, 2025 (about 2 months ago).
Description: Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malicious user was able to perform remote code execution:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- application was using Tomcat's file based session persistence with the default storage location
- application included a library that may be leveraged in a deserialization attack
Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.98, which fixes the issue.
CVSS: CRITICAL (9.8) EPSS Score: 93.55%
March 10th, 2025 (about 2 months ago)
|