HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-59284

Feb 13, 2026 23:12:05 UTC

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally.

CVE-2025-59282

Feb 13, 2026 23:12:04 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally.

CVE-2025-59281

Feb 13, 2026 23:12:04 UTC

Improper link resolution before file access ('link following') in XBox Gaming Services allows an authorized attacker to elevate privileges locally.

CVE-2025-47979

Feb 13, 2026 23:12:03 UTC

Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally.

CVE-2025-59280

Feb 13, 2026 23:12:03 UTC

Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network.

CVE-2025-59277

Feb 13, 2026 23:12:02 UTC

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

CVE-2025-59259

Feb 13, 2026 23:12:01 UTC

Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

CVE-2025-59258

Feb 13, 2026 23:12:00 UTC

Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally.

CVE-2025-59257

Feb 13, 2026 23:12:00 UTC

Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

CVE-2025-59255

Feb 13, 2026 23:11:59 UTC

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2025-59254

Feb 13, 2026 23:11:58 UTC

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2025-59250

Feb 13, 2026 23:11:58 UTC

Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-59249

Feb 13, 2026 23:11:57 UTC

Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

CVE-2025-59243

Feb 13, 2026 23:11:57 UTC

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-49708

Feb 13, 2026 23:11:56 UTC

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network.

Page: 37