Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Microsoft shares workaround for Windows security update issues
Description: Microsoft has shared a workaround for users affected by a known issue that blocks Windows security updates from deploying on some Windows 11 24H2 systems. [...]
Source: BleepingComputer
February 7th, 2025 (2 months ago)
Microsoft Identifies 3,000+ Publicly Disclosed ASP.NET Machine Keys Vulnerable to Code Injection
Description: Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible resources, thereby putting their applications in attackers' pathway. The tech giant's threat intelligence team said it observed limited activity in December 2024 that involved an unknown threat actor using a publicly available, static ASP.NET
Source: TheHackerNews
February 7th, 2025 (2 months ago)
Microsoft Edge update adds AI-powered Scareware Blocker
Description: Microsoft Edge 133 is now rolling out globally, and it ships with several improvements, including a new scareware blocker feature. In addition, Microsoft is updating the backend of the Downloads UI with performance improvements. [...]
Source: BleepingComputer
February 7th, 2025 (2 months ago)
Microsoft Warns of Code Injection via Exposed ASP.NET Keys
Description: Microsoft Threat Intelligence has identified a security risk involving publicly available ASP.NET machine keys, which have been exploited in code injection attacks. Microsoft’s security researchers observed limited malicious activity in December 2024, when a threat actor leveraged a publicly disclosed ASP.NET machine key to perform a ViewState code injection attack. During the investigation, Microsoft found … The post Microsoft Warns of Code Injection via Exposed ASP.NET Keys appeared first on CyberInsider.
Source: CyberInsider
February 7th, 2025 (2 months ago)

CVE-2025-21408
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.13%

Source: CVE
February 7th, 2025 (2 months ago)

CVE-2025-21404
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Description: Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVSS: MEDIUM (4.3)

EPSS Score: 0.05%

Source: CVE
February 7th, 2025 (2 months ago)

CVE-2025-21342
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.13%

Source: CVE
February 7th, 2025 (2 months ago)

CVE-2025-21283
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVSS: MEDIUM (6.5)

EPSS Score: 0.13%

Source: CVE
February 7th, 2025 (2 months ago)

CVE-2025-21279
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVSS: MEDIUM (6.5)

EPSS Score: 0.13%

Source: CVE
February 7th, 2025 (2 months ago)

CVE-2025-21267
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Description: Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVSS: MEDIUM (4.4)

EPSS Score: 0.06%

Source: CVE
February 7th, 2025 (2 months ago)