on August 21, 2025 at 7:00 am — CVE-2025-53763 Azure Databricks Elevation of Privilege Vulnerability
Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.
on August 21, 2025 at 7:00 am — CVE-2025-53795 Microsoft PC Manager Elevation of Privilege Vulnerability
Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate privileges over a network.
on August 21, 2025 at 7:00 am — CVE-2025-55230 Windows MBT Transport Driver Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.
on August 21, 2025 at 7:00 am — CVE-2025-55229 Windows Certificate Spoofing Vulnerability
Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network.
on August 20, 2025 at 1:00 pm — Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
Static Tundra is a Russian state-sponsored cyber espionage group linked to the FSB’s Center 16 unit that has been operating for over a decade, specializing in compromising network devices for long-term intelligence gathering operations. The group actively exploits a seven-year-old vulnerability (CVE-2018-0171), which was patched at the time of the vulnerability publications, in Cisco IOS
on August 18, 2025 at 7:00 am — CVE-2025-49716 Windows Netlogon Denial of Service Vulnerability
Updated first FAQ to state that CVE-2020-0674 has now been issued to address this vulnerability. This is an informational change only.
on August 15, 2025 at 7:00 am — Chromium: CVE-2025-8881 Inappropriate implementation in File Picker
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
on August 15, 2025 at 7:00 am — Chromium: CVE-2025-8901 Out of bounds write in ANGLE
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
on August 15, 2025 at 7:00 am — Chromium: CVE-2025-8901 Out of bounds write in ANGLE Read More »
on August 15, 2025 at 7:00 am — Chromium: CVE-2025-8880 Race in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
on August 15, 2025 at 7:00 am — Chromium: CVE-2025-8880 Race in V8 Read More »