Skip to main content
CVE-2025-21313 MEDIUM This Month

Windows Security Account Manager (SAM) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Windows 11 24h2 Windows Server 2022 23h2 Windows Server 2025 +1
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2025-21310 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21308 MEDIUM PATCH CERT-EU This Month

Windows Themes Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2025-21301 MEDIUM PATCH This Month

Windows Geolocation Service Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Information Disclosure Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2025-21288 MEDIUM PATCH This Month

Windows COM Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21284 MEDIUM PATCH This Month

Windows Virtual Trusted Platform Module Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-21280 MEDIUM PATCH This Month

Windows Virtual Trusted Platform Module Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-21278 MEDIUM PATCH This Month

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Microsoft Race Condition Denial Of Service Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2025-21274 MEDIUM PATCH This Month

Windows Event Tracing Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-21272 MEDIUM PATCH This Month

Windows COM Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21269 MEDIUM PATCH Monitor

Windows HTML Platforms Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-21268 MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +12
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-21265 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21263 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21261 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21260 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21258 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21257 MEDIUM PATCH This Month

Windows WLAN AutoConfig Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-21256 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21255 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21249 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21242 MEDIUM PATCH This Month

Windows Kerberos Information Disclosure Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
5.9
EPSS
0.2%
CVE-2025-21232 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21229 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21228 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21227 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21226 MEDIUM PATCH This Month

Windows Digital Media Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Microsoft Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2025-21225 MEDIUM PATCH This Month

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Microsoft Memory Corruption Denial Of Service Windows Server 2016 Windows Server 2019 +4
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2025-21219 MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +10
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2025-21217 MEDIUM PATCH This Month

Windows NTLM Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2025-21215 MEDIUM PATCH Monitor

Secure Boot Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2025-21214 MEDIUM PATCH Monitor

Windows BitLocker Information Disclosure Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2025-21213 MEDIUM PATCH Monitor

Secure Boot Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +11
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2025-21211 MEDIUM PATCH This Month

Secure Boot Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +11
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2025-21210 MEDIUM PATCH Monitor

Windows BitLocker Information Disclosure Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2025-21202 MEDIUM PATCH This Month

Windows Recovery Environment Agent Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-21193 MEDIUM PATCH This Month

Active Directory Federation Server Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Windows Server 2016 Windows Server 2019 Windows Server 2022 Windows Server 2022 23h2 +2
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2025-21189 MEDIUM PATCH Monitor

MapUrlToZone Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +12
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2025-0465 MEDIUM This Month

A vulnerability was found in AquilaCMS 1.412.13. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-23081 MEDIUM PATCH This Month

Cross-Site Request Forgery (CSRF), Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF XSS
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2025-23080 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - OpenBadges Extension allows Cross-Site Scripting. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-0464 MEDIUM POC This Month

A vulnerability was found in SourceCodester Task Reminder System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Task Reminder System
NVD VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-0463 MEDIUM This Month

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Authentication Bypass PHP Lingdang Crm
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-0462 MEDIUM This Month

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Lingdang Crm
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2024-53563 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-52898 MEDIUM This Month

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Mq
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2024-45627 MEDIUM PATCH This Month

In Apache Linkis <1.7.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will allow the attacker to read. Rated medium severity (CVSS 5.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apache Path Traversal Linkis
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-0461 MEDIUM This Month

A vulnerability has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Path Traversal Lingdang Crm
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.0%
CVE-2025-0460 MEDIUM This Month

A vulnerability, which was classified as critical, was found in Blog Botz for Journal Theme 1.0 on OpenCart. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Authentication Bypass PHP
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-0459 MEDIUM Monitor

A vulnerability, which was classified as problematic, has been found in libretro RetroArch up to 1.19.1 on Windows. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows Suse
NVD VulDB
CVSS 4.0
4.8
EPSS
0.1%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy