Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-26633 |
π¨ Marked as known exploited on March 31st, 2025 (19 days ago).
Description: Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
CVSS: HIGH (7.0) EPSS Score: 1.47% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24993 |
π¨ Marked as known exploited on March 11th, 2025 (about 1 month ago).
Description: Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 4.05% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24991 |
π¨ Marked as known exploited on March 11th, 2025 (about 1 month ago).
Description: Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
CVSS: MEDIUM (5.5) EPSS Score: 2.97% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24985 |
π¨ Marked as known exploited on March 11th, 2025 (about 1 month ago).
Description: Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 9.81% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24984 |
π¨ Marked as known exploited on March 11th, 2025 (about 1 month ago).
Description: Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
CVSS: MEDIUM (4.6) EPSS Score: 19.24% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24983 |
π¨ Marked as known exploited on March 11th, 2025 (about 1 month ago).
Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.0) EPSS Score: 1.91% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24054 |
π¨ Marked as known exploited on April 17th, 2025 (1 day ago).
Description: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVSS: MEDIUM (6.5) EPSS Score: 0.12%
March 11th, 2025 (about 1 month ago)
|
|
π¨ Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57Β flaws, including six actively exploited zero-day vulnerabilities. [...]
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24989 |
π¨ Marked as known exploited on February 21st, 2025 (about 2 months ago).
Description: An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control.
This vulnerability has already been mitigated in the service and all affected cusomters have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you.
CVSS: HIGH (8.2) EPSS Score: 25.72%
February 20th, 2025 (about 2 months ago)
|
|
CVE-2025-21418 |
π¨ Marked as known exploited on February 11th, 2025 (2 months ago).
Description: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVSS: HIGH (7.8) EPSS Score: 0.05%
February 12th, 2025 (2 months ago)
|