HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-59294

Dec 11, 2025 19:35:41 UTC

Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack.

CVE-2025-59292

Dec 11, 2025 19:35:40 UTC

External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally.

CVE-2025-59291

Dec 11, 2025 19:35:39 UTC

External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally.

CVE-2025-59290

Dec 11, 2025 19:35:39 UTC

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

CVE-2025-59288

Dec 11, 2025 19:35:38 UTC

Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network.

CVE-2025-59284

Dec 11, 2025 19:35:38 UTC

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally.

CVE-2025-59282

Dec 11, 2025 19:35:37 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally.

CVE-2025-59281

Dec 11, 2025 19:35:37 UTC

Improper link resolution before file access ('link following') in XBox Gaming Services allows an authorized attacker to elevate privileges locally.

CVE-2025-47979

Dec 11, 2025 19:35:36 UTC

Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally.

CVE-2025-59280

Dec 11, 2025 19:35:36 UTC

Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network.

CVE-2025-59277

Dec 11, 2025 19:35:35 UTC

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

CVE-2025-59259

Dec 11, 2025 19:35:34 UTC

Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

CVE-2025-59258

Dec 11, 2025 19:35:34 UTC

Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally.

CVE-2025-59257

Dec 11, 2025 19:35:33 UTC

Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

CVE-2025-59255

Dec 11, 2025 19:35:33 UTC

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Page: 37