Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-33074
Azure Functions Remote Code Execution Vulnerability
Description: Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.

CVSS: HIGH (7.5)

EPSS Score: 0.02%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-30392
Azure AI bot Elevation of Privilege Vulnerability
Description: Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

CVSS: CRITICAL (9.8)

EPSS Score: 0.09%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-30391
Microsoft Dynamics Information Disclosure Vulnerability
Description: Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network.

CVSS: HIGH (8.1)

EPSS Score: 0.13%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-30390
Azure ML Compute Elevation of Privilege Vulnerability
Description: Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.

CVSS: CRITICAL (9.9)

EPSS Score: 0.07%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-30389
Azure Bot Framework SDK Elevation of Privilege Vulnerability
Description: Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

CVSS: HIGH (8.7)

EPSS Score: 0.05%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)

CVE-2025-21416
Azure Virtual Desktop Elevation of Privilege Vulnerability
Description: Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network.

CVSS: HIGH (8.5)

EPSS Score: 0.05%

SSVC Exploitation: none

Source: CVE
April 30th, 2025 (about 1 month ago)
Microsoft: Windows 11 24H2 updates fail with 0x80240069 errors
Description: Microsoft has confirmed that Windows 11 24H2 feature updates via Windows Server Update Services (WSUS) are being blocked after installing the April 2025 security updates. [...]
Source: BleepingComputer
April 30th, 2025 (about 1 month ago)
Microsoft: Windows Server hotpatching to require subscription
Description: Microsoft has announced that it will soon introduce paid subscriptions for Windows Server 2025 hotpatching, a service that enables admins to install security updates without restarting. [...]
Source: BleepingComputer
April 29th, 2025 (about 1 month ago)
Microsoft fixes Outlook paste, blank calendar rendering issues
Description: Microsoft has confirmed several issues affecting Microsoft 365 customers using the "paste special' option and the calendar feature in the classic Outlook email client. [...]
Source: BleepingComputer
April 29th, 2025 (about 1 month ago)
Microsoft fixes Outlook on the web search issues, failures
Description: Microsoft is working on fully mitigating issues causing Outlook on the web and SharePoint Online users to experience delays or failures when searching. [...]
Source: BleepingComputer
April 28th, 2025 (about 1 month ago)