VDB
GCVE-110-NCSC-2025-310
GCVE-110-NCSC-2025-310
Advisory PublishedCVSS 6.2/10
In Active Directory Federation Services, sensitive information logged can be exploited by unauthorized attackers, leading to potential local disclosure of confidential data.
Weaknesses (CWE)
CWE-532Insertion of Sensitive Information into Log FileCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-122Heap-based Buffer OverflowCWE-416Use After FreeCWE-502Deserialization of Untrusted DataCWE-822Untrusted Pointer DereferenceCWE-121Stack-based Buffer OverflowCWE-126Buffer Over-readCWE-1023Incomplete Comparison with Missing FactorsCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-288Authentication Bypass Using an Alternate Path or ChannelCWE-125Out-of-bounds ReadCWE-287Improper AuthenticationCWE-209Generation of Error Message Containing Sensitive InformationCWE-1287Improper Validation of Specified Type of InputCWE-190Integer Overflow or WraparoundCWE-20Improper Input ValidationCWE-73External Control of File Name or PathCWE-284Improper Access ControlCWE-908Use of Uninitialized ResourceCWE-324Use of a Key Past its Expiration DateCWE-807Reliance on Untrusted Inputs in a Security DecisionCWE-319Cleartext Transmission of Sensitive InformationCWE-841Improper Enforcement of Behavioral WorkflowCWE-312Cleartext Storage of Sensitive InformationCWE-367Time-of-check Time-of-use (TOCTOU) Race ConditionCWE-476NULL Pointer DereferenceCWE-1240Use of a Cryptographic Primitive with a Risky ImplementationCWE-59Improper Link Resolution Before File Access ('Link Following')CWE-347Improper Verification of Cryptographic SignatureCWE-415Double Free
Risk Scores
CVSS 3.1
6.2/10
Medium · CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Threat Intelligence
Snort Rules (1)
1059287 — Microsoft Windows Server Update Services (WSUS) Unauthenticated Remote Code Execution via Insecure Deserialization (CVE-2025-59287)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Microsoft | vers:unknown/* | — | — |
Aliases
CVE-2016-9535CVE-2025-24052CVE-2025-24990CVE-2025-25004CVE-2025-2884CVE-2025-47827CVE-2025-47979CVE-2025-48004CVE-2025-48813CVE-2025-49708CVE-2025-50152CVE-2025-50174CVE-2025-50175CVE-2025-53139CVE-2025-53150CVE-2025-53717CVE-2025-53768CVE-2025-54957CVE-2025-55325CVE-2025-55326CVE-2025-55328CVE-2025-55330CVE-2025-55331CVE-2025-55332CVE-2025-55333CVE-2025-55334CVE-2025-55335CVE-2025-55336CVE-2025-55337CVE-2025-55338CVE-2025-55339CVE-2025-55340CVE-2025-55676CVE-2025-55677CVE-2025-55678CVE-2025-55679CVE-2025-55680CVE-2025-55681CVE-2025-55682CVE-2025-55683CVE-2025-55684CVE-2025-55685CVE-2025-55686CVE-2025-55687CVE-2025-55688CVE-2025-55689CVE-2025-55690CVE-2025-55691CVE-2025-55692CVE-2025-55693CVE-2025-55694CVE-2025-55695CVE-2025-55696CVE-2025-55697CVE-2025-55698CVE-2025-55699CVE-2025-55700CVE-2025-55701CVE-2025-58714CVE-2025-58715CVE-2025-58716CVE-2025-58717CVE-2025-58718CVE-2025-58719CVE-2025-58720CVE-2025-58722CVE-2025-58725CVE-2025-58726CVE-2025-58727CVE-2025-58728CVE-2025-58729CVE-2025-58730CVE-2025-58731CVE-2025-58732CVE-2025-58733CVE-2025-58734CVE-2025-58735CVE-2025-58736CVE-2025-58737CVE-2025-58738CVE-2025-58739CVE-2025-59184CVE-2025-59185CVE-2025-59186CVE-2025-59187CVE-2025-59188CVE-2025-59189CVE-2025-59190CVE-2025-59191CVE-2025-59192CVE-2025-59193CVE-2025-59194CVE-2025-59195CVE-2025-59196CVE-2025-59197CVE-2025-59198CVE-2025-59199CVE-2025-59200CVE-2025-59201CVE-2025-59202CVE-2025-59203CVE-2025-59204CVE-2025-59205CVE-2025-59206CVE-2025-59207CVE-2025-59208CVE-2025-59209CVE-2025-59210CVE-2025-59211CVE-2025-59214CVE-2025-59230CVE-2025-59241CVE-2025-59242CVE-2025-59244CVE-2025-59253CVE-2025-59254CVE-2025-59255CVE-2025-59257CVE-2025-59258CVE-2025-59259CVE-2025-59260CVE-2025-59261CVE-2025-59275CVE-2025-59277CVE-2025-59278CVE-2025-59280CVE-2025-59282CVE-2025-59284CVE-2025-59287CVE-2025-59289CVE-2025-59290CVE-2025-59294CVE-2025-59295
References
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.