HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-21384

Feb 13, 2026 19:38:48 UTC

An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.

CVE-2025-26683

Feb 13, 2026 19:38:48 UTC

Improper authorization in Azure Playwright allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-29806

Feb 13, 2026 19:38:47 UTC

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2025-29814

Feb 13, 2026 19:38:47 UTC

Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.

CVE-2025-29807

Feb 13, 2026 19:38:46 UTC

Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.

CVE-2025-25008

Feb 13, 2026 19:38:46 UTC

Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.

CVE-2025-25003

Feb 13, 2026 19:38:45 UTC

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

CVE-2025-24998

Feb 13, 2026 19:38:44 UTC

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

CVE-2025-24997

Feb 13, 2026 19:38:44 UTC

Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally.

CVE-2025-24996

Feb 13, 2026 19:38:43 UTC

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-24995

Feb 13, 2026 19:38:43 UTC

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-21180

Feb 13, 2026 19:38:42 UTC

Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.

CVE-2025-24988

Feb 13, 2026 19:38:41 UTC

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

CVE-2025-24987

Feb 13, 2026 19:38:41 UTC

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

CVE-2025-24986

Feb 13, 2026 19:38:40 UTC

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network.

Page: 65