Lucene search
K

2925 matches found

Kaspersky
Kaspersky
added 2025/12/15 12:0 a.m.5 views

KLA90821 DoS vulnerability in Microsoft Browser

Denial of service vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2025-14174 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-Edge CVE list CVE-2025-14174 critical...

8.8CVSS7.4AI score0.22359EPSS
Exploits10References3
Microsoft KB
Microsoft KB
added 2025/12/09 8:0 a.m.25 views

KB5074204: Security Update for Windows PowerShell (OS Builds 26100.7392 and 26200.7392)

None None...

7.8CVSS7.3AI score0.01466EPSS
Exploits5
Microsoft KB
Microsoft KB
added 2025/12/09 8:0 a.m.60 views

October 14, 2025—KB5066782 (OS Build 20348.4294)

October 14, 2025—KB5066782 OS Build 20348.4294 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the pa...

9.9CVSS7.5AI score0.04767EPSS
Exploits6
Microsoft KB
Microsoft KB
added 2025/12/09 8:0 a.m.38 views

October 14, 2025—KB5066835 (OS Builds 26200.6899 and 26100.6899)

October 14, 2025—KB5066835 OS Builds 26200.6899 and 26100.6899 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business...

7.8CVSS7.7AI score0.03817EPSS
Exploits5
Kaspersky
Kaspersky
added 2025/12/09 12:0 a.m.7 views

KLA90816 ACE vulnerability in Microsoft Copilot Plugin

A remote code execution vulnerability was found in Microsoft Copilot Studio. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2025-64671 Related products GitHub-Copilot-Plugin CVE list CVE-2025-64671 critical KB list Solution Install necessary...

8.4CVSS8.7AI score0.0032EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2025/12/09 12:0 a.m.11 views

KLA90815 Multiple vulnerabilities in Microsoft Server Software

Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Exchange Server can be exploited remotely to spoof us...

7.5CVSS7.2AI score0.00983EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2025/11/25 4:8 p.m.9 views

New ClickFix wave infects users with hidden malware in images and fake Windows updates

Several researchers have flagged a new development in the ongoing ClickFix campaign: Attackers are now mimicking a Windows update screen to trick people into running malware. ClickFix campaigns use convincing lures, historically “Human Verification” screens, and now a fake “Windows Update” splash...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/25 2:18 p.m.10 views

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

Cybersecurity researchers are calling attention to a new campaign that's leveraging a combination of ClickFix lures and fake adult websites to deceive users into running malicious commands under the guise of a "critical" Windows security update. "Campaign leverages fake adult websites xHamster,...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/24 7:18 a.m.12 views

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

A recently patched security flaw in Microsoft Windows Server Update Services WSUS has been exploited by threat actors to distribute a malware known as ShadowPad. "The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access," AhnLab Security Intelligence...

9.8CVSS9AI score0.99962EPSS
Exploits24
Kaspersky
Kaspersky
added 2025/11/20 12:0 a.m.7 views

KLA90453 SUI vulnerability in Microsoft Windows

A spoofing vulnerability vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2025-62459 Related products Microsoft-365 CVE list CVE-2025-62459 high Solution Install necessary updates from the KB section, tha...

8.3CVSS6.3AI score0.00264EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2025/11/20 12:0 a.m.7 views

November 20, 2025—KB5070312 (OS Build 22631.6276) Preview

November 20, 2025—KB5070312 OS Build 22631.6276 Preview ​​​​​This non-security update for Windows 11, version 23H2 KB5070312, improves functionality, performance, and reliability. To learn more about differences between security updates, optional non-security preview updates, Out-of-band OOB...

5.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/11/14 9:10 p.m.16 views

Metasploit Wrap-Up 11/14/2025

It has “SUS” in the name, what did you expect? This week’s release features the much-hyped CVE-2025-59287, a Critical-Severity Windows Server Update Service WSUS vulnerability that allows for SYSTEM level remote code execution. Documented among the multiple recent zero-days in Windows, the...

9.8CVSS8.8AI score0.99962EPSS
Exploits24
Packet Storm
Packet Storm
added 2025/11/12 12:0 a.m.295 views

📄 Windows Server Update Service Deserialization Remote Code Execution

This Metasploit module exploits a deserialization vulnerability in the legacy serialization mechanism in Windows Server Update Services WSUS. The vulnerability allows an unauthenticated attacker to create a specially crafted event, which triggers an unsafe deserialization upon server...

9.8CVSS9.7AI score0.99962EPSS
Exploits24
Microsoft Security Update
Microsoft Security Update
added 2025/11/11 6:0 p.m.10 views

2025-11 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5068781)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.2 views

KB5068781: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (November 2025)

The remote Windows host is missing security update 5068781. It is, therefore, affected by multiple vulnerabilities - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2025-59509, CVE-2025-59513, CVE-2025-60706, CVE-2025-62208,...

9.8CVSS7.8AI score0.061EPSS
Exploits8References34
Kaspersky
Kaspersky
added 2025/11/11 12:0 a.m.6 views

KLA90053 PE vulnerability in Microsoft SQL Server

An elevation of privilege vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-59499 Related products Microsoft-SQL-Server Microsoft-Azure CVE list CVE-2025-59499 critical KB list 5068405 5068403 5068401...

8.8CVSS7.8AI score0.01114EPSS
Exploits0References12
Kaspersky
Kaspersky
added 2025/11/11 12:0 a.m.6 views

KLA90054 ACE vulnerability in Microsoft Azure

A remote code execution vulnerability was found in Microsoft Azure Monitor Agent. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2025-59504 Related products Microsoft-Azure Azure-Monitor Azure-Monitor-Agent CVE list CVE-2025-59504 high Solution...

7.3CVSS8.7AI score0.00309EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2025/11/11 12:0 a.m.6 views

KLA90061 PE vulnerability in Microsoft System Center

An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-47179 Related products Microsoft-Configuration-Manager CVE list CVE-2025-47179 high Solution Install necessary updates from...

6.7CVSS7.1AI score0.00327EPSS
Exploits0References3
Intel
Intel
added 2025/11/11 12:0 a.m.6 views

Intel® System Support Utility Advisory

Summary: A potential security vulnerability for the Intel® System Support Utility may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-24842 Description: Uncontrolled search path for the Intel® Syst...

6.7CVSS6.9AI score0.00123EPSS
Exploits0
Kaspersky
Kaspersky
added 2025/11/11 12:0 a.m.5 views

KLA90058 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Dynamics 365 Field Service...

8.7CVSS6.2AI score0.00865EPSS
Exploits0References7
Rows per page
Query Builder