Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-27731
Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability
Description: Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.07%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-27730
Windows Digital Media Elevation of Privilege Vulnerability
Description: Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-27729
Windows Shell Remote Code Execution Vulnerability
Description: Use after free in Windows Shell allows an unauthorized attacker to execute code locally.

CVSS: HIGH (7.8)

EPSS Score: 0.06%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-27728
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Description: Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-27727
Windows Installer Elevation of Privilege Vulnerability
Description: Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.12%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-27492
Windows Secure Channel Elevation of Privilege Vulnerability
Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.0)

EPSS Score: 0.03%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-27491
Windows Hyper-V Remote Code Execution Vulnerability
Description: Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.

CVSS: HIGH (7.1)

EPSS Score: 0.8%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-27490
Windows Bluetooth Service Elevation of Privilege Vulnerability
Description: Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-27489
Azure Local Elevation of Privilege Vulnerability
Description: Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.07%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-27487
Remote Desktop Client Remote Code Execution Vulnerability
Description: Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.

CVSS: HIGH (8.0)

EPSS Score: 0.33%

Source: CVE
April 8th, 2025 (11 days ago)