Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-29795
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
Description: Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: CVE
March 23rd, 2025 (3 months ago)
Microsoft Trust Signing service abused to code-sign malware
Description: Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. [...]
Source: BleepingComputer
March 22nd, 2025 (3 months ago)
[remote] Microsoft Windows - NTLM Hash Leak Malicious Windows Theme
Description: Microsoft Windows - NTLM Hash Leak Malicious Windows Theme
Source: ExploitDB
March 22nd, 2025 (3 months ago)
Microsoft: Exchange Online bug mistakenly quarantines user emails
Description: Microsoft is investigating an Exchange Online bug causing anti-spam systems to mistakenly quarantine some users' emails. [...]
Source: BleepingComputer
March 21st, 2025 (3 months ago)

CVE-2025-29814
Microsoft Partner Center Elevation of Privilege Vulnerability
Description: Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.

CVSS: CRITICAL (9.3)

EPSS Score: 0.15%

SSVC Exploitation: none

Source: CVE
March 21st, 2025 (3 months ago)

CVE-2025-29807
Microsoft Dataverse Remote Code Execution Vulnerability
Description: Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.

CVSS: HIGH (8.7)

EPSS Score: 0.65%

SSVC Exploitation: none

Source: CVE
March 21st, 2025 (3 months ago)
VSCode extensions found downloading early-stage ransomware
Description: Two malicious VSCode Marketplace extensions were found deploying in-development ransomware from a remote server, exposing critical gaps in Microsoft's review process. [...]
Source: BleepingComputer
March 20th, 2025 (3 months ago)
Microsoft lifts Windows 11 upgrade block after Asphalt 8 crash fix
Description: Microsoft has lifted an upgrade block that prevented Asphalt 8: Airborne players from upgrading their systems to Windows 11 24H2 due to compatibility issues. [...]
Source: BleepingComputer
March 20th, 2025 (3 months ago)
How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model
Description: Cybersecurity isn't just another checkbox on your business agenda. It's a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect your digital assets becomes crucial. The shared responsibility model, exemplified through Microsoft 365's approach, offers a framework for comprehending and implementing effective cybersecurity
Source: TheHackerNews
March 20th, 2025 (3 months ago)

CVE-2025-21172
Security Update for Microsoft .NET 8 Core (January 2025)
Description: Nessus Plugin ID 232847 with High Severity Synopsis The remote Windows host is affected by a .NET Core vulnerability Description The version of Microsoft .NET 8 Core installed on the remote host is prior to 8.0.12. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - .NET and Visual Studio Remote Code Execution Vulnerability (CVE-2025-21172) - .NET Elevation of Privilege Vulnerability (CVE-2025-21173) - .NET and Visual Studio Remote Code Execution Vulnerability (CVE-2025-21176)Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. Solution Update .NET Core, remove vulnerable packages and refer to vendor advisory. Read more at https://www.tenable.com/plugins/nessus/232847

CVSS: HIGH (7.5)

Source: Tenable Plugins
March 19th, 2025 (3 months ago)