2651 matches found
Microsoft Windows Defender Security Vulnerability
Microsoft Windows Defender is a suite of antivirus software that comes with Windows systems from Microsoft USA. A security vulnerability exists in Microsoft Windows Defender. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected: Window...
PT-2025-36879
Name of the Vulnerable Software and Affected Versions: Windows Defender Firewall Service (affected versions not specified). Description: A type confusion issue exists within the Windows Defender Firewall Service. This flaw enables a locally authenticated attacker to gain elevated privileges on the...
PT-2025-36851
Name of the Vulnerable Software and Affected Versions: Windows Defender Firewall Service (affected versions not specified). Description: A type confusion issue in the Windows Defender Firewall Service can allow a locally authorized attacker to elevate privileges. This issue allows attackers to affec...
Microsoft Windows Defender Security Vulnerability
Microsoft Windows Defender is a suite of antivirus software that comes with Windows systems from Microsoft USA. A security vulnerability exists in Microsoft Windows Defender. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected: Windo...
Microsoft Windows Defender Security Vulnerability
Microsoft Windows Defender is a suite of antivirus software that comes with Windows systems from Microsoft USA. A security vulnerability exists in Microsoft Windows Defender. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected: Window...
PT-2025-36837
Name of the Vulnerable Software and Affected Versions: Windows Defender Firewall Service (affected versions not specified). Description: A type confusion issue in the Windows Defender Firewall Service can allow a locally authorized attacker to elevate privileges. This issue allows attackers to affec...
PT-2025-36846
Name of the Vulnerable Software and Affected Versions: Windows Defender Firewall Service (affected versions not specified). Description: A type confusion issue in the Windows Defender Firewall Service can allow a locally authorized attacker to elevate privileges. This issue allows attackers to affec...
CVE-2025-0011
Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality...
CVE-2025-0009
A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability...
CVE-2025-59033
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only the to-be-signed (TBS) part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a...
CVE-2022-50238
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is...
A Simple Data Exfiltration Game
Data exfiltration is a growing problem for businesses that face costs related to the loss of confidential data as well as potential extortion. This work presents a simple game theoretic model of network data exfiltration. In the model, the attacker chooses the exfiltration route and speed, and the...
PT-2025-36478
Name of the Vulnerable Software and Affected Versions: Windows versions (affected versions not specified). Description: The Microsoft vulnerable driver block list, implemented as Windows Defender Application Control (WDAC) policy, does not properly block entries specifying the signing certificate’s TB...
CVE-2025-59033
The CVE-2025-59033 entry describes a Microsoft Windows WDAC-based vulnerable driver block list where entries that specify the signing certificate’s TBS hash along with a FileAttribRef qualifier (e.g., file name/version) may not be blocked, regardless of HVCI being enabled. Affects the Microsoft v...
CVE-2022-50238
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is...
PT-2025-36472
Name of the Vulnerable Software and Affected Versions: Microsoft Windows (affected versions not specified). Description: The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list...
Microsoft Windows Defender Application Control Security Vulnerability
Microsoft Windows Defender Application Control (WDAC) is a security tool from Microsoft Corporation USA that restricts the operation of programs at the software level by configuring policies to reduce the scope of what hackers can attack. A security vulnerability exists in Microsoft Windows Defende...
Microsoft Windows Defender Application Control Security Vulnerability
Microsoft Windows Defender Application Control (WDAC) is a security tool from Microsoft Corporation USA that restricts the operation of programs at the software level by configuring policies to reduce the scope of what hackers can attack. A security vulnerability exists in Microsoft Windows Defende...
CVE-2025-59033
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only the to-be-signed (TBS) part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a...
CVE-2022-50238
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is...