Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a "conflicted" individual straddling a legitimate career in cybersecurity and pursuing cybercrime.
In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the up-and-coming
April 5th, 2025 (14 days ago)
|
CVE-2025-29796 |
Description: User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.
CVSS: MEDIUM (4.7) EPSS Score: 0.04% SSVC Exploitation: none
April 4th, 2025 (15 days ago)
|
|
CVE-2025-25001 |
Description: Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVSS: MEDIUM (4.3) EPSS Score: 0.05% SSVC Exploitation: none
April 4th, 2025 (15 days ago)
|
|
CVE-2025-25000 |
Description: Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVSS: HIGH (8.8) EPSS Score: 0.14% SSVC Exploitation: none
April 4th, 2025 (15 days ago)
|
|
CVE-2025-29815 |
Description: Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.
CVSS: HIGH (7.6) EPSS Score: 0.06% SSVC Exploitation: none
April 4th, 2025 (15 days ago)
|
|
Description: ​Microsoft is testing a new taskbar icon scaling feature that automatically scales down Windows taskbar icons to show more apps when it gets too overcrowded. [...]
April 3rd, 2025 (16 days ago)
|
|
Description: Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials.
"These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection," Microsoft said in a report shared with The
April 3rd, 2025 (16 days ago)
|
|
Description: Microsoft has announced that hotpatch updates are now available for business customers using Windows 11 Enterprise 24H2 on x64 (AMD/Intel) systems, starting today. [...]
April 2nd, 2025 (17 days ago)
|
|
Description: A previously unknown trick lets you easily bypass using a Microsoft Account in Windows 11, just as Microsoft tries to make it harder to use local accounts. [...]
April 1st, 2025 (18 days ago)
|
|
CVE-2025-25041 |
Description: A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM (root). A successful exploit could allow the creation of a Denial-of-Service (DoS) condition affecting the Microsoft Windows Operating System. This vulnerability does not affect Linux and Android based clients.
CVSS: MEDIUM (5.5) EPSS Score: 0.01%
April 1st, 2025 (18 days ago)
|