Threat and Vulnerability Intelligence Database

Description: Microsoft has announced that hotpatch updates are now available for business customers using Windows 11 Enterprise 24H2 on x64 (AMD/Intel) systems, starting today. [...]
Source: BleepingComputer
April 2nd, 2025 (about 1 month ago)

Description: A previously unknown trick lets you easily bypass using a Microsoft Account in Windows 11, just as Microsoft tries to make it harder to use local accounts. [...]
Source: BleepingComputer
April 1st, 2025 (about 2 months ago)

CVE-2025-25041

Description: A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM (root). A successful exploit could allow the creation of a Denial-of-Service (DoS) condition affecting the Microsoft Windows Operating System. This vulnerability does not affect Linux and Android based clients.

CVSS: MEDIUM (5.5)

EPSS Score: 0.01%

Source: CVE
April 1st, 2025 (about 2 months ago)

CVE-2025-21953

Description: In the Linux kernel, the following vulnerability has been resolved:

net: mana: cleanup mana struct after debugfs_remove()

When on a MANA VM hibernation is triggered, as part of hibernate_snapshot(), mana_gd_suspend() and mana_gd_resume() are called. If during this mana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs pointer does not get reinitialized and ends up pointing to older, cleaned-up dentry. Further in the hibernation path, as part of power_down(), mana_gd_shutdown() is triggered. This call, unaware of the failures in resume, tries to cleanup the already cleaned up mana_port_debugfs value and hits the following bug:

[ 191.359296] mana 7870:00:00.0: Shutdown was called
[ 191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098
[ 191.360584] #PF: supervisor write access in kernel mode
[ 191.361125] #PF: error_code(0x0002) - not-present page
[ 191.361727] PGD 1080ea067 P4D 0
[ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI
[ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2
[ 191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024
[ 191.364124] RIP: 0010:down_write+0x19/0x50
[ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d
[ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS...

EPSS Score: 0.01%

Source: CVE
April 1st, 2025 (about 2 months ago)

Source: TheRegister
April 1st, 2025 (about 2 months ago)

CVE-2025-21384

Description: An authenticated attacker can exploit a Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.

CVSS: HIGH (8.3)

EPSS Score: 0.09%

Source: CVE
April 1st, 2025 (about 2 months ago)

CVE-2025-26683

Description: Improper authorization in Azure Playwright allows an unauthorized attacker to elevate privileges over a network.

CVSS: HIGH (8.1)

EPSS Score: 0.08%

Source: CVE
March 31st, 2025 (about 2 months ago)

Description: Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders. [...]
Source: BleepingComputer
March 31st, 2025 (about 2 months ago)

Description: The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208. "The threat actor deploys payloads primarily by means of

CVSS: HIGH (7.0)

EPSS Score: 1.47%

Source: TheHackerNews
March 31st, 2025 (about 2 months ago)

Description: In the latest Windows 11 Insider Preview Build 26200.5516, Microsoft has removed the ability to install the operating system without both internet connectivity and a Microsoft account, effectively eliminating a long-standing workaround that allowed local account setups during installation. The change was first spotted by security researcher Will Dormann, who noted that Microsoft has removed …
Source: CyberInsider
March 31st, 2025 (about 2 months ago)