{"vulnerability": "CVE-2025-2980", "sightings": [{"uuid": "8492fe52-40e6-465a-b2e0-d289730bc91b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-298027", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0110", "content": "", "creation_timestamp": "2025-04-08T16:54:30.000000Z"}, {"uuid": "3b8c46f9-c3c5-4a98-a9ce-c89d3c9f04de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29807", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114198137851141313", "content": "", "creation_timestamp": "2025-03-21T02:48:17.765071Z"}, {"uuid": "c7b081da-fba2-41f2-8d60-018bedf1cc42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29807", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114198165753912326", "content": "", "creation_timestamp": "2025-03-21T02:55:23.446801Z"}, {"uuid": "ca208828-f1a8-423a-8627-af35822169a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29807", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkuandovdc2k", "content": "", "creation_timestamp": "2025-03-21T03:14:25.302695Z"}, {"uuid": "cbbea68f-8836-4e60-91ff-8a568402ee6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29806", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll32ueok7y2x", "content": "", "creation_timestamp": "2025-03-23T20:19:34.189936Z"}, {"uuid": "aff459ae-7596-4fbe-beb1-6e58157d614c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29806", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114214660616678541", "content": "", "creation_timestamp": "2025-03-24T00:50:15.068128Z"}, {"uuid": "de164028-c0b8-4ed8-a4c9-3b3f505b689a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29806", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ll3s3gh2ls2e", "content": "", "creation_timestamp": "2025-03-24T03:15:08.489222Z"}, {"uuid": "f6948d5f-6f67-4971-94ee-4e01f9f50de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29805", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "e4dfc44b-68dd-4a5d-bb38-49c35f7cb49b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29804", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "4731f47c-7df2-4b0f-9697-bea2455ae61c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-298037", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0110", "content": "", "creation_timestamp": "2025-04-08T16:54:30.000000Z"}, {"uuid": "1195f928-dc4b-4293-9521-531f20021c65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-298047", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0110", "content": "", "creation_timestamp": "2025-04-08T16:54:30.000000Z"}, {"uuid": "65c8cfeb-d3a9-40ef-9fa7-ed1ff6dcde75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29802", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "c5c6a09b-2301-44c9-a075-f450204937b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-298007", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0107", "content": "", "creation_timestamp": "2025-04-08T16:50:53.000000Z"}, {"uuid": "c5bf5cd3-bf7c-48f4-85c5-a19e2e5c9212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-298017", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0107", "content": "", "creation_timestamp": "2025-04-08T16:50:53.000000Z"}, {"uuid": "f0b12f32-8195-47bb-82cc-d76ea18c14ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29809", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "069a7f85-147e-49a9-84bd-ecae5ef7f2e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29800", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "c3807b31-2d8f-432a-a441-2f286fb405d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29801", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "b589c126-23aa-4f06-8f6c-eedfc4237a1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29803", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "2d9794a7-4420-44c5-8e3b-bac1debaae38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29808", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "f289ff84-e650-4a82-b9cf-ff9258209909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29800", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10972", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29800\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.\n\ud83d\udccf Published: 2025-04-08T17:24:13.298Z\n\ud83d\udccf Modified: 2025-04-08T17:36:48.357Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29800", "creation_timestamp": "2025-04-08T17:46:48.000000Z"}, {"uuid": "f398fce7-ebae-4c1b-be70-aeb6ca7ea2bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29803", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmlt6qkjlh2u", "content": "", "creation_timestamp": "2025-04-12T05:42:39.400486Z"}, {"uuid": "84c4451e-f32c-4c41-a97d-4a57e05c867d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29805", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:37.000000Z"}, {"uuid": "caa4e7ee-f346-4a2c-afe1-8d3961afe3a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-29809", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/77a1b8aa-f86f-4c74-af5b-7e082c7ae3de", "content": "", "creation_timestamp": "2025-04-10T11:32:21.060085Z"}, {"uuid": "cb1b6821-918b-4a44-8aaa-0f630b955f54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29807", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8372", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29807\n\ud83d\udd25 CVSS Score: 8.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.\n\ud83d\udccf Published: 2025-03-21T00:29:57.849Z\n\ud83d\udccf Modified: 2025-03-21T15:42:18.541Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29807", "creation_timestamp": "2025-03-21T16:19:36.000000Z"}, {"uuid": "6533ad48-8a3c-4b7b-a21e-add8516b0abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-29809", "type": "seen", "source": "https://infosec.exchange/users/alexandreborges/statuses/114345957091253500", "content": "", "creation_timestamp": "2025-04-16T05:20:40.357770Z"}, {"uuid": "7631b6d2-93b2-4cef-92c8-02740637a8bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29805", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:39.000000Z"}, {"uuid": "b51398ac-5e4d-4f35-8f39-8c9cc8f19fdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2980", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9609", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2980\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as problematic was found in Legrand SMS PowerView 1.x. This vulnerability affects unknown code. The manipulation of the argument redirect leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-31T06:31:03.825Z\n\ud83d\udccf Modified: 2025-03-31T06:31:03.825Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302032\n2. https://vuldb.com/?ctiid.302032\n3. https://vuldb.com/?submit.523212", "creation_timestamp": "2025-03-31T07:30:40.000000Z"}, {"uuid": "334eb11f-918b-4a6b-a4a4-7a9c5542b656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29805", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10966", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29805\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.\n\ud83d\udccf Published: 2025-04-08T17:24:17.031Z\n\ud83d\udccf Modified: 2025-04-08T17:36:51.874Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29805", "creation_timestamp": "2025-04-08T17:46:39.000000Z"}, {"uuid": "eeedb2e4-1d13-4c6b-8acf-87a58013acd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29801", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10970", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29801\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.\n\ud83d\udccf Published: 2025-04-08T17:24:14.548Z\n\ud83d\udccf Modified: 2025-04-08T17:36:49.617Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29801", "creation_timestamp": "2025-04-08T17:46:43.000000Z"}, {"uuid": "d78df494-8cad-45b4-bc30-9b63e5479c93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29804", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10969", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29804\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.\n\ud83d\udccf Published: 2025-04-08T17:24:15.218Z\n\ud83d\udccf Modified: 2025-04-08T17:36:50.260Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29804", "creation_timestamp": "2025-04-08T17:46:42.000000Z"}, {"uuid": "886fb5e5-3f1e-4995-82d2-269add81d428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29809", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10968", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29809\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RC:C)\n\ud83d\udd39 Description: Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.\n\ud83d\udccf Published: 2025-04-08T17:24:15.812Z\n\ud83d\udccf Modified: 2025-04-08T17:36:50.775Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29809", "creation_timestamp": "2025-04-08T17:46:41.000000Z"}, {"uuid": "bfa68b36-bc69-4a65-8d19-f23b00c10ece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29808", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10967", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29808\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.\n\ud83d\udccf Published: 2025-04-08T17:24:16.441Z\n\ud83d\udccf Modified: 2025-04-08T17:36:51.293Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29808", "creation_timestamp": "2025-04-08T17:46:40.000000Z"}, {"uuid": "fd41be2b-02b6-42ec-a3df-c309a03b862c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29802", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10971", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29802\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.\n\ud83d\udccf Published: 2025-04-08T17:24:13.959Z\n\ud83d\udccf Modified: 2025-04-08T17:36:49.038Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29802", "creation_timestamp": "2025-04-08T17:46:47.000000Z"}, {"uuid": "94c99725-10c6-4c41-9539-8fcb0083eb5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29803", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11642", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29803\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.\n\ud83d\udccf Published: 2025-04-12T01:32:36.336Z\n\ud83d\udccf Modified: 2025-04-14T16:38:36.817Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29803", "creation_timestamp": "2025-04-14T16:53:35.000000Z"}, {"uuid": "7891d983-1db8-47e1-a7e9-f24431a856e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29803", "type": "seen", "source": "https://t.me/cvedetector/22791", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29803 - Microsoft SQL Server Management Studio Path Traversal Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-29803 \nPublished : April 12, 2025, 2:15 a.m. | 2\u00a0hours, 6\u00a0minutes ago \nDescription : Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-12T06:39:55.000000Z"}, {"uuid": "06900996-0dab-4ef0-b0a5-1657619f2b31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29809", "type": "seen", "source": "https://t.me/kasperskyb2b/1694", "content": "\ud83d\udd2c \u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 Patch Tuesday: \u043b\u0443\u0447\u0448\u0435\u0435, \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u0432\u043f\u0435\u0440\u0435\u0434\u0438!\n\nMicrosoft \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043a\u0440\u0443\u043f\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0432 134 \u0434\u0435\u0444\u0435\u043a\u0442\u0430 (\u0438\u0437 \u043d\u0438\u0445 10 \u2014 \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445). \u041e\u0434\u043d\u0430 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u043c, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 ransomware, \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b. \u041d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u043e\u0439 \u043d\u043e\u0432\u0438\u043d\u043a\u043e\u0439 \u044d\u0442\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u0441\u0442\u0430\u043b\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f Windows 11, \u0434\u043b\u044f \u043c\u043d\u043e\u0433\u0438\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0443\u043a\u0430\u0437\u0430\u043d\u043e, \u0447\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows 10 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u00ab\u043f\u043e\u0437\u0436\u0435\u00bb.  \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Microsoft \u0434\u0430\u043b\u0430 \u0434\u043b\u044f \u043c\u043d\u043e\u0433\u0438\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u043e\u0446\u0435\u043d\u043a\u0443 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u0430 CVSS3.1. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0431\u043e\u043b\u044c\u0448\u0435 \u0447\u0435\u043c \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430\u0445 \u0441\u0434\u0435\u043b\u0430\u043d\u0430 \u043f\u043e\u043f\u0440\u0430\u0432\u043a\u0430 \u043d\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043b\u0438\u0448\u044c 11 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0446\u0435\u043d\u043a\u0443 critical, 2 \u2014 low, \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u2014 important. 49 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 31 \u2014 \u043a RCE, 17 \u2014 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 14 \u2014 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438, 9 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 3 \u2014  spoofing.\n\n\n\u0417\u0438\u0440\u043e\u0434\u0435\u0439 \u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0435 RansomEXX\nCVE-2025-29824 (7.8) \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 use after free \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 CLFS \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e system.  \n\u0414\u0435\u0444\u0435\u043a\u0442\u043e\u043c \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0441\u0430\u043c\u043e\u0439 Microsoft \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438 RansomEXX/Storm-2460, \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u044f \u043d\u0430 \u043f\u043e\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0431\u044d\u043a\u0434\u043e\u0440 PipeMagic \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u044f \u0435\u0433\u043e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u0438\u0434\u0438\u0442 \u043d\u0435\u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438. \u041c\u044b \u043f\u0438\u0441\u0430\u043b\u0438 \u043e\u0431 \u044d\u0442\u043e\u043c \u0412\u041f\u041e \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u0430\u0442\u0430\u043a\u0438 \u0441 \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0438\u043c\u0435\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u043e\u043b\u043d \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445. \u0421\u0430\u043c\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CLFS \u0438\u043c\u0435\u043d\u043d\u043e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u2014 \u0445\u043e\u0440\u043e\u0448\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043d\u0430\u043c\u0438 \u0444\u0435\u043d\u043e\u043c\u0435\u043d, \u043c\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 5 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u043d\u0438\u0445 \u0432 Microsoft.\n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\u0425\u043e\u0442\u044f \u0443 \u043c\u043d\u043e\u0433\u0438\u0445 \u043e\u043f\u0430\u0441\u043d\u043e \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0449\u0438\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u043e\u0446\u0435\u043d\u0438\u043b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u043a\u0430\u043a \u043c\u0435\u043d\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0443\u044e \u0438\u0437-\u0437\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0431\u0435\u0434\u0438\u0442\u044c \u0432 \u0433\u043e\u043d\u043a\u0435 (race condition), \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0438\u043b\u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e.\nCVE-2025-26663/CVE-2025-26670 \u2014 RCE \u0432  Windows LDAP, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443. \nCVE-2025-29809 \u2014 \u0443\u0442\u0435\u0447\u043a\u0430 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 Kerberos \u0432 \u043e\u0431\u0445\u043e\u0434 Windows Defender Credential Guard. \u041a\u0440\u043e\u043c\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u0430\u0442\u0447\u0430 \u043d\u0430\u0434\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0438 \u0437\u0430\u043d\u043e\u0432\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 VBS.\nCVE-2025-27480/CVE-2025-27482 \u2014 RCE \u0432 Remote Desktop Services, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0434\u043e\u043b\u0436\u0435\u043d \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0432 \u0440\u043e\u043b\u0438 \u0448\u043b\u044e\u0437\u0430 Remote Desktop.\nCVE-2025-27740 \u2014 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Active Directory Certificate Services, \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0430. \nCVE-2025-26686 \u2014 RCE TCP/IP. \u0416\u0435\u0440\u0442\u0432\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 DHCPv6, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u0432 \u043e\u0442\u0432\u0435\u0442. \nCVE-2025-27752 / CVE-2025-29791 \u2014 RCE \u0432 Excel, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 \u043f\u0430\u043d\u0435\u043b\u044c \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430. \u0411\u043e\u043d\u0443\u0441\u043e\u043c \u2014 CVE-2025-27745, -27748, -27749, \u0432\u0441\u0435 \u0432 Office \u0431\u0435\u0437 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432, \u0442\u043e\u0436\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440.\n\n#\u043f\u0430\u0442\u0447\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #Microsoft @\u041f2\u0422", "creation_timestamp": "2025-04-09T09:10:24.000000Z"}, {"uuid": "d0c65392-f1b2-4789-ac83-5939c5b95f6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2980", "type": "seen", "source": "https://t.me/cvedetector/21566", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2980 - Legrand SMS PowerView Open Redirect Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2980 \nPublished : March 31, 2025, 7:15 a.m. | 1\u00a0hour, 32\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in Legrand SMS PowerView 1.x. This vulnerability affects unknown code. The manipulation of the argument redirect leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T10:49:41.000000Z"}, {"uuid": "e332f4fa-5d87-4b07-b53c-bbfa8666fe0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29806", "type": "seen", "source": "https://t.me/cvedetector/20908", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29806 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29806 \nPublished : March 23, 2025, 5:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-23T19:49:42.000000Z"}, {"uuid": "8b45c48f-0e90-4ecb-b793-88631d9fbce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29807", "type": "seen", "source": "https://t.me/cvedetector/20779", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29807 - Microsoft Dataverse Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-29807 \nPublished : March 21, 2025, 1:15 a.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network. \nSeverity: 8.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-21T04:16:27.000000Z"}]}