Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.
CVE-2025-59230
HIGH CVSS 7.8 KEV
Find Similar
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.
Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose information locally.
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
Improper input validation in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to perform tampering over a network.