CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-33112	IBM AIX command execution Description: IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input. CVSS: HIGH (8.4) EPSS Score: 0.03% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)
CVE-2025-33075	Windows Installer Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. CVSS: HIGH (7.8) EPSS Score: 0.06% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)
CVE-2025-33073	Windows SMB Client Elevation of Privilege Vulnerability Description: Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. CVSS: HIGH (8.8) EPSS Score: 0.32% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)
CVE-2025-33071	Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability Description: Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. CVSS: HIGH (8.1) EPSS Score: 0.12% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)
CVE-2025-33070	Windows Netlogon Elevation of Privilege Vulnerability Description: Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. CVSS: HIGH (8.1) EPSS Score: 0.35% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)
CVE-2025-33069	Windows App Control for Business Security Feature Bypass Vulnerability Description: Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally. CVSS: MEDIUM (5.1) EPSS Score: 0.02% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)
CVE-2025-33068	Windows Standards-Based Storage Management Service Denial of Service Vulnerability Description: Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. CVSS: HIGH (7.5) EPSS Score: 2.14% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)
CVE-2025-33067	Windows Task Scheduler Elevation of Privilege Vulnerability Description: Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally. CVSS: HIGH (8.4) EPSS Score: 0.06% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)
CVE-2025-33066	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. CVSS: HIGH (8.8) EPSS Score: 0.06% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)
CVE-2025-33065	Windows Storage Management Provider Information Disclosure Vulnerability Description: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. CVSS: MEDIUM (5.5) EPSS Score: 0.04% SSVC Exploitation: none Source: CVE June 10th, 2025 (8 days ago)