Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
🚨 Marked as known exploited on April 10th, 2025 (about 2 months ago).
Description: Microsoft has released its March 2025 Patch Tuesday security updates, addressing 57 vulnerabilities across its product lineup, including six zero-day flaws that were actively exploited in the wild. The update covers security issues affecting Windows, Microsoft Office, Azure, and other components. Microsoft fixes 6 zero-day vulnerabilities Among the most critical fixes in this month’s update …
The post Microsoft March 2025 ‘Patch Tuesday’ Updates Fix Six Actively Exploited Flaws appeared first on CyberInsider.
March 11th, 2025 (3 months ago)
|
CVE-2025-26633 |
🚨 Marked as known exploited on March 31st, 2025 (2 months ago).
Description: Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
CVSS: HIGH (7.0) EPSS Score: 1.47% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24993 |
🚨 Marked as known exploited on March 11th, 2025 (3 months ago).
Description: Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 4.05% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24991 |
🚨 Marked as known exploited on March 11th, 2025 (3 months ago).
Description: Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
CVSS: MEDIUM (5.5) EPSS Score: 2.97% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24985 |
🚨 Marked as known exploited on March 11th, 2025 (3 months ago).
Description: Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 9.81% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24984 |
🚨 Marked as known exploited on March 11th, 2025 (3 months ago).
Description: Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
CVSS: MEDIUM (4.6) EPSS Score: 19.24% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24983 |
🚨 Marked as known exploited on March 11th, 2025 (3 months ago).
Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.0) EPSS Score: 1.91% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24054 |
🚨 Marked as known exploited on April 17th, 2025 (about 2 months ago).
Description: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVSS: MEDIUM (6.5) EPSS Score: 0.12%
March 11th, 2025 (3 months ago)
|
|
🚨 Marked as known exploited on April 10th, 2025 (about 2 months ago).
Description: Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities. [...]
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24989 |
🚨 Marked as known exploited on February 21st, 2025 (3 months ago).
Description: An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control.
This vulnerability has already been mitigated in the service and all affected cusomters have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you.
CVSS: HIGH (8.2) EPSS Score: 25.72%
February 20th, 2025 (3 months ago)
|