Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-24058
Windows DWM Core Library Elevation of Privilege Vulnerability
Description: Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.07%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-21222
Windows Telephony Service Remote Code Execution Vulnerability
Description: Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

CVSS: HIGH (8.8)

EPSS Score: 0.06%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-21221
Windows Telephony Service Remote Code Execution Vulnerability
Description: Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

CVSS: HIGH (8.8)

EPSS Score: 0.06%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-21205
Windows Telephony Service Remote Code Execution Vulnerability
Description: Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

CVSS: HIGH (8.8)

EPSS Score: 0.06%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-21204
Windows Process Activation Elevation of Privilege Vulnerability
Description: Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.06%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-21203
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Description: Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVSS: MEDIUM (6.5)

EPSS Score: 0.06%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-21197
Windows NTFS Information Disclosure Vulnerability
Description: Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

CVSS: MEDIUM (6.5)

EPSS Score: 0.09%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-21191
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
Description: Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.0)

EPSS Score: 0.03%

Source: CVE
April 8th, 2025 (11 days ago)

CVE-2025-21174
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
Description: Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

CVSS: HIGH (7.5)

EPSS Score: 1.59%

Source: CVE
April 8th, 2025 (11 days ago)
Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
🚨 Marked as known exploited on April 10th, 2025 (10 days ago).
Description: Today is Microsoft's April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability. [...]
Source: BleepingComputer
April 8th, 2025 (11 days ago)