VDB

GCVE-110-NCSC-2025-310

GCVE-110-NCSC-2025-310
Advisory PublishedCVSS 6.2/10
Vulnetix · Advisory published October 14, 2025
In Active Directory Federation Services, sensitive information logged can be exploited by unauthorized attackers, leading to potential local disclosure of confidential data.

Weaknesses (CWE)

CWE-532Insertion of Sensitive Information into Log FileCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-122Heap-based Buffer OverflowCWE-416Use After FreeCWE-502Deserialization of Untrusted DataCWE-822Untrusted Pointer DereferenceCWE-121Stack-based Buffer OverflowCWE-126Buffer Over-readCWE-1023Incomplete Comparison with Missing FactorsCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-288Authentication Bypass Using an Alternate Path or ChannelCWE-125Out-of-bounds ReadCWE-287Improper AuthenticationCWE-209Generation of Error Message Containing Sensitive InformationCWE-1287Improper Validation of Specified Type of InputCWE-190Integer Overflow or WraparoundCWE-20Improper Input ValidationCWE-73External Control of File Name or PathCWE-284Improper Access ControlCWE-908Use of Uninitialized ResourceCWE-324Use of a Key Past its Expiration DateCWE-807Reliance on Untrusted Inputs in a Security DecisionCWE-319Cleartext Transmission of Sensitive InformationCWE-841Improper Enforcement of Behavioral WorkflowCWE-312Cleartext Storage of Sensitive InformationCWE-367Time-of-check Time-of-use (TOCTOU) Race ConditionCWE-476NULL Pointer DereferenceCWE-1240Use of a Cryptographic Primitive with a Risky ImplementationCWE-59Improper Link Resolution Before File Access ('Link Following')CWE-347Improper Verification of Cryptographic SignatureCWE-415Double Free

Risk Scores

CVSS 3.1
6.2/10
Medium · CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Threat Intelligence

Snort Rules (1)

1059287 — Microsoft Windows Server Update Services (WSUS) Unauthenticated Remote Code Execution via Insecure Deserialization (CVE-2025-59287)

Affected Products

VendorProductVersionsPlatforms
Microsoftvers:unknown/*

Aliases

CVE-2016-9535CVE-2025-24052CVE-2025-24990CVE-2025-25004CVE-2025-2884CVE-2025-47827CVE-2025-47979CVE-2025-48004CVE-2025-48813CVE-2025-49708CVE-2025-50152CVE-2025-50174CVE-2025-50175CVE-2025-53139CVE-2025-53150CVE-2025-53717CVE-2025-53768CVE-2025-54957CVE-2025-55325CVE-2025-55326CVE-2025-55328CVE-2025-55330CVE-2025-55331CVE-2025-55332CVE-2025-55333CVE-2025-55334CVE-2025-55335CVE-2025-55336CVE-2025-55337CVE-2025-55338CVE-2025-55339CVE-2025-55340CVE-2025-55676CVE-2025-55677CVE-2025-55678CVE-2025-55679CVE-2025-55680CVE-2025-55681CVE-2025-55682CVE-2025-55683CVE-2025-55684CVE-2025-55685CVE-2025-55686CVE-2025-55687CVE-2025-55688CVE-2025-55689CVE-2025-55690CVE-2025-55691CVE-2025-55692CVE-2025-55693CVE-2025-55694CVE-2025-55695CVE-2025-55696CVE-2025-55697CVE-2025-55698CVE-2025-55699CVE-2025-55700CVE-2025-55701CVE-2025-58714CVE-2025-58715CVE-2025-58716CVE-2025-58717CVE-2025-58718CVE-2025-58719CVE-2025-58720CVE-2025-58722CVE-2025-58725CVE-2025-58726CVE-2025-58727CVE-2025-58728CVE-2025-58729CVE-2025-58730CVE-2025-58731CVE-2025-58732CVE-2025-58733CVE-2025-58734CVE-2025-58735CVE-2025-58736CVE-2025-58737CVE-2025-58738CVE-2025-58739CVE-2025-59184CVE-2025-59185CVE-2025-59186CVE-2025-59187CVE-2025-59188CVE-2025-59189CVE-2025-59190CVE-2025-59191CVE-2025-59192CVE-2025-59193CVE-2025-59194CVE-2025-59195CVE-2025-59196CVE-2025-59197CVE-2025-59198CVE-2025-59199CVE-2025-59200CVE-2025-59201CVE-2025-59202CVE-2025-59203CVE-2025-59204CVE-2025-59205CVE-2025-59206CVE-2025-59207CVE-2025-59208CVE-2025-59209CVE-2025-59210CVE-2025-59211CVE-2025-59214CVE-2025-59230CVE-2025-59241CVE-2025-59242CVE-2025-59244CVE-2025-59253CVE-2025-59254CVE-2025-59255CVE-2025-59257CVE-2025-59258CVE-2025-59259CVE-2025-59260CVE-2025-59261CVE-2025-59275CVE-2025-59277CVE-2025-59278CVE-2025-59280CVE-2025-59282CVE-2025-59284CVE-2025-59287CVE-2025-59289CVE-2025-59290CVE-2025-59294CVE-2025-59295

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›