Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2025-33074

Description: Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.

CVSS: HIGH (7.5)

EPSS Score: 0.02%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-30392

Description: Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

CVSS: CRITICAL (9.8)

EPSS Score: 0.09%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-30391

Description: Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network.

CVSS: HIGH (8.1)

EPSS Score: 0.13%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-30390

Description: Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.

CVSS: CRITICAL (9.9)

EPSS Score: 0.07%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-30389

Description: Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

CVSS: HIGH (8.7)

EPSS Score: 0.05%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-21416

Description: Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network.

CVSS: HIGH (8.5)

EPSS Score: 0.05%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)
Description: Microsoft has confirmed that Windows 11 24H2 feature updates via Windows Server Update Services (WSUS) are being blocked after installing the April 2025 security updates. [...]
Source: BleepingComputer
April 30th, 2025 (about 1 month ago)
Description: Microsoft has announced that it will soon introduce paid subscriptions for Windows Server 2025 hotpatching, a service that enables admins to install security updates without restarting. [...]
Source: BleepingComputer
April 29th, 2025 (about 1 month ago)
Description: Microsoft has confirmed several issues affecting Microsoft 365 customers using the "paste special' option and the calendar feature in the classic Outlook email client. [...]
Source: BleepingComputer
April 29th, 2025 (about 1 month ago)
Description: Microsoft is working on fully mitigating issues causing Outlook on the web and SharePoint Online users to experience delays or failures when searching. [...]
Source: BleepingComputer
April 28th, 2025 (about 1 month ago)