2214 matches found

OSV
added 2025/04/08 6:15 p.m. · 4 views

CVE-2025-26664

Buffer over-read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...

CVSS 6.5 · AI score 5.7 · EPSS 0.02835
Exploits: 0 · References: 1
OSV
added 2025/04/08 6:15 p.m. · 1 views

CVE-2025-26647

Improper input validation in Windows Kerberos allows an authorized attacker to elevate privileges over a network...

CVSS 8.8 · AI score 7.3 · EPSS 0.04731
Exploits: 0 · References: 1
Microsoft CVE
added 2025/04/08 7:0 a.m. · 21 views

Windows Remote Desktop Services Remote Code Execution Vulnerability

Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network...

CVSS 8.1 · AI score 7.8 · EPSS 0.00938
Exploits: 2
Microsoft CVE
added 2025/04/08 7:0 a.m. · 43 views

Windows TCP/IP Remote Code Execution Vulnerability

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network...

CVSS 7.5 · AI score 7.2 · EPSS 0.00296
Exploits: 0
Microsoft CVE
added 2025/04/08 7:0 a.m. · 14 views

Windows Kerberos Elevation of Privilege Vulnerability

Improper input validation in Windows Kerberos allows an authorized attacker to elevate privileges over a network...

CVSS 8.8 · AI score 7.7 · EPSS 0.04731
Exploits: 0
Positive Technologies
added 2025/04/08 12:0 a.m. · 1 views

PT-2025-15530 · Microsoft · Streaming Service +1

Name of the Vulnerable Software and Affected Versions: Microsoft Streaming Service affected versions not specified Description: The issue concerns sensitive data storage in improperly locked memory, allowing an unauthorized attacker to deny service over a network. Recommendations: At the moment,...

CVSS 5.9 · AI score 8.2 · EPSS 0.00198
Exploits: 0 · References: 8
Positive Technologies
added 2025/04/08 12:0 a.m. · 1 views

PT-2025-15506 · Microsoft · Windows Routing/Remote Access Service +1

Name of the Vulnerable Software and Affected Versions: Windows Routing and Remote Access Service RRAS affected versions not specified Description: The issue is related to a buffer over-read that allows an unauthorized attacker to disclose information over a network. It enables attackers to obtain...

CVSS 7.8 · AI score 8.5 · EPSS 0.02835
Exploits: 0 · References: 7
Positive Technologies
added 2025/04/08 12:0 a.m. · 2 views

PT-2025-15524

Name of the Vulnerable Software and Affected Versions Windows versions affected versions not specified Description A flaw exists in the Windows TCP/IP stack related to the improper locking of memory containing sensitive data. This allows a remote, unauthorized attacker to execute arbitrary code...

CVSS 7.6 · AI score 9.1 · EPSS 0.00296
Exploits: 0 · References: 18
Positive Technologies
added 2025/04/08 12:0 a.m. · 1 views

PT-2025-15528 · Microsoft · Windows Ldap +1

Name of the Vulnerable Software and Affected Versions: Windows LDAP affected versions not specified Description: The issue concerns uncontrolled resource consumption in Windows LDAP, allowing an unauthorized attacker to deny service over a network. This can lead to a denial-of-service attack...

CVSS 7.8 · AI score 8.2 · EPSS 0.18103
Exploits: 0 · References: 10
Tenable Nessus
added 2025/04/08 12:0 a.m. · 19 views

KB5055570: Windows Server 2008 R2 Security Update (April 2025)

The remote Windows host is missing security update 5055570. It is, therefore, affected by multiple vulnerabilities - Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. CVE-2025-26687 - A remote code execution vulnerability. An attacker ca...

CVSS 8.8 · AI score 9.2 · EPSS 0.29274
Exploits: 5 · References: 44
OSV
added 2025/04/07 6:15 p.m. · 1 views

DEBIAN-CVE-2024-38797

EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability...

CVSS 4.6 · AI score 5.8 · EPSS 0.00047
Exploits: 0 · References: 1
Vulnrichment
added 2025/04/07 1:0 a.m. · 12 views

CVE-2025-3329 Consumer Comanda Mobile Restaurant Order cleartext transmission

A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3.2/15.0.0.8. This affects an unknown part of the component Restaurant Order Handler. The manipulation of the argument Login/Password leads to cleartext transmission of sensitive information. The attack...

CVSS 3.1 · AI score 6.6 · EPSS 0.00041
Exploits: 1 · References: 4
RedhatCVE
added 2025/04/06 12:30 a.m. · 20 views

CVE-2025-29815

Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...

CVSS 7.6 · AI score 7.5 · EPSS 0.01131
Exploits: 0 · References: 3
NVD
added 2025/04/04 1:15 a.m. · 9 views

CVE-2025-29815

Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...

CVSS 7.6 · EPSS 0.01131
Exploits: 0 · References: 1
OSV
added 2025/04/04 1:15 a.m. · 1 views

CVE-2025-25000

Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

CVSS 8.8 · AI score 7.4 · EPSS 0.01143
Exploits: 0 · References: 1
RedhatCVE
added 2025/04/02 10:23 p.m. · 16 views

CVE-2025-26683

Improper authorization in Azure Playwright allows an unauthorized attacker to elevate privileges over a network...

CVSS 8.1 · AI score 7.1 · EPSS 0.00535
Exploits: 0 · References: 3
Talos
added 2025/04/02 12:0 a.m. · 17 views

STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server denial of service vulnerability

Talos Vulnerability Report TALOS-2024-2097 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server denial of service vulnerability April 2, 2025 CVE Number CVE-2024-50384,CVE-2024-50385 SUMMARY A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics...

CVSS 7.5 · AI score 7.2 · EPSS 0.00726
Exploits: 2
Apple
added 2025/03/31 12:0 a.m. · 37 views

About the security content of AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, and CarPlay Communication Plug-in R18.1 Updates

About the security content of AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, and CarPlay Communication Plug-in R18.1 Updates This document is intended for developers of accessories or software compatible with Apple devices. These updates are available for members of the Apple MFi Program...

CVSS 6.5 · AI score 7.1 · EPSS 0.00448
Exploits: 4 · References: 1 · Affected Software: 2
Cvelist
added 2025/03/30 8:31 p.m. · 13 views

CVE-2025-2959 TRENDnet TEW-410APB HTTP Request httpd sub_4019A0 null pointer dereference

A vulnerability was found in TRENDnet TEW-410APB 1.3.06b. It has been rated as problematic. Affected by this issue is the function sub_4019A0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack needs to be initiated with...

CVSS 7.1 · EPSS 0.00275
Exploits: 1 · References: 5
Vulnrichment
added 2025/03/30 8:31 p.m. · 5 views

CVE-2025-2959 TRENDnet TEW-410APB HTTP Request httpd sub_4019A0 null pointer dereference

A vulnerability was found in TRENDnet TEW-410APB 1.3.06b. It has been rated as problematic. Affected by this issue is the function sub_4019A0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack needs to be initiated with...

CVSS 7.1 · AI score 6.5 · EPSS 0.00275
Exploits: 1 · References: 5