Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-21391
Windows Storage Elevation of Privilege Vulnerability
🚨 Marked as known exploited on February 11th, 2025 (2 months ago).
Description: Windows Storage Elevation of Privilege Vulnerability

CVSS: HIGH (7.1)

EPSS Score: 0.09%

Source: CVE
February 12th, 2025 (2 months ago)
Microsoft February 2025 Patch Tuesday Fixes Two Zero-Day Flaws
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Microsoft has released its February 2025 Patch Tuesday update, addressing 55 security vulnerabilities, including two actively exploited zero-day flaws. The update includes fixes for elevation of privilege vulnerabilities in Windows Storage and the Windows Ancillary Function Driver for WinSock, which have been detected in real-world attacks. Zero-days under active exploitation Among the most critical fixes … The post Microsoft February 2025 Patch Tuesday Fixes Two Zero-Day Flaws appeared first on CyberInsider.
Source: CyberInsider
February 11th, 2025 (2 months ago)
Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Today is Microsoft's February 2025 Patch Tuesday, which includes security updates for 55 flaws, including four zero-day vulnerabilities, with two actively exploited in attacks. [...]
Source: BleepingComputer
February 11th, 2025 (2 months ago)

CVE-2025-0994
Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization...
🚨 Marked as known exploited on February 6th, 2025 (2 months ago).
Description: Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services (IIS) web server.

CVSS: HIGH (8.6)

EPSS Score: 1.32%

Source: CVE
February 7th, 2025 (2 months ago)

CVE-2024-29059
.NET Framework Information Disclosure Vulnerability
🚨 Marked as known exploited on February 4th, 2025 (2 months ago).
Description: .NET Framework Information Disclosure Vulnerability

CVSS: HIGH (7.5)

EPSS Score: 2.37%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-21413
Microsoft Outlook Remote Code Execution Vulnerability
🚨 Marked as known exploited on February 6th, 2025 (2 months ago).
Description: Microsoft Outlook Remote Code Execution Vulnerability

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-49138
Windows Common Log File System Driver Elevation of Privilege Vulnerability
🚨 Marked as known exploited on December 10th, 2024 (4 months ago).
Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
December 12th, 2024 (4 months ago)

CVE-2024-49035
Partner.Microsoft.Com Elevation of Privilege Vulnerability
🚨 Marked as known exploited on February 25th, 2025 (about 2 months ago).
Description: An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.

CVSS: HIGH (8.7)

EPSS Score: 0.19%

Source: CVE
November 27th, 2024 (5 months ago)