Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  Security Vulnerabilities
CVE-2025-26685
Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-05-13
CVE-2025-27468
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.001
Published
2025-05-13
CVE-2025-27488
Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.001
Published
2025-05-13
CVE-2025-29826
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-05-13
CVE-2025-29829
Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.002
Published
2025-05-13
CVE-2025-21264
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVSS Score
7.1
EPSS Score
0.002
Published
2025-05-13
CVE-2025-24063
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
CVE-2025-26677
Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.106
Published
2025-05-13
CVE-2025-26684
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.003
Published
2025-05-13
CVE-2025-35471
conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privilged local users. By writing a specially crafted openssl.cnf file in OPENSSLDIR, a non-privileged local user can execute arbitrary code with the privileges of the user or process loading openssl-feedstock DLLs. Miniforge before 24.5.0 is also affected.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-05-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved