Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24043 |
Description: Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.
CVSS: HIGH (7.5) EPSS Score: 0.03%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24035 |
Description: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVSS: HIGH (8.1) EPSS Score: 0.2%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-21247 |
Description: Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
CVSS: MEDIUM (4.3) EPSS Score: 0.1%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-21199 |
Description: Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally.
CVSS: MEDIUM (6.7) EPSS Score: 0.04%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-21180 |
Description: Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 0.08%
March 11th, 2025 (about 1 month ago)
|
|
🚨 Marked as known exploited on April 10th, 2025 (10 days ago).
Description: Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57Â flaws, including six actively exploited zero-day vulnerabilities. [...]
March 11th, 2025 (about 1 month ago)
|
|
Description: 6Critical50Important0Moderate0LowMicrosoft addresses 56 CVEs, including seven zero-day flaws, with six of those being exploited in the wild.Microsoft patched 56 CVEs in its March 2025 Patch Tuesday release, with six rated critical, and 50 rated as important.This month’s update includes patches for:.NETASP.NET Core & Visual StudioAzure Agent InstallerAzure ArcAzure CLIAzure PromptFlowKernel Streaming WOW Thunk Service DriverMicrosoft Local Security Authority Server (lsasrv)Microsoft Management ConsoleMicrosoft OfficeMicrosoft Office AccessMicrosoft Office ExcelMicrosoft Office WordMicrosoft Streaming ServiceMicrosoft WindowsRemote Desktop ClientRole: DNS ServerVisual StudioVisual Studio CodeWindows Common Log File System DriverWindows Cross Device ServiceWindows Fast FAT DriverWindows File ExplorerWindows Hyper-VWindows Kernel MemoryWindows Kernel-Mode DriversWindows MapUrlToZoneWindows Mark of the Web (MOTW)Windows NTFSWindows NTLMWindows Remote Desktop ServicesWindows Routing and Remote Access Service (RRAS)Windows Subsystem for LinuxWindows Telephony ServerWindows USB Video DriverWindows Win32 Kernel SubsystemWindows exFAT File SystemRemote code execution (RCE) vulnerabilities accounted for 41.1% of the vulnerabilities patched this month, followed by elevation of privilege (EoP) vulnerabilities at 39.3%.ImportantCVE-2025-26633 | Microsoft Management Console Security Feature Bypass VulnerabilityCVE-2025-26633 is a security feature bypass vulnerability in the Microsoft Man...
CVSS: HIGH (7.0) EPSS Score: 1.47%
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-26634 |
Description: Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.
CVSS: HIGH (7.5) EPSS Score: 0.07%
March 11th, 2025 (about 1 month ago)
|
|
Description: Microsoft has released Windows 11 KB5053598 and KB5053602 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-26633 |
Description: Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorized attacker to execute code over a network.
EPSS Score: 1.47%
March 11th, 2025 (about 1 month ago)
|