N-day Feed Updates

List of analysed vulnerabilities

Below is a list of all the CVEs and vulnerabilities we have analysed and that are now part of our n-day feed.

IDYearCVEDescriptionTargetCapabilityStatusCISA KEVReleased Year
12020CVE-2020-17096Microsoft Windows NTFS (ntfs.sys) Memory CorruptionMicrosoft WindowsDoSpocFalse2024
22021CVE-2021-31956Microsoft Windows NTFS (ntfs.sys) Heap Buffer OverflowMicrosoft WindowsLPEweaponizedTrue2024
32021CVE-2021-40466Microsoft Windows Common Log File System Driver (clfs.sys) Heap Buffer OverflowMicrosoft WindowsLPEweaponizedFalse2024
42023CVE-2023-36845Juniper Firewall/VPN (JunOS) PHP External Variable ModificationJuniperpre-auth RCEweaponizedTrue2024
52024CVE-2024-114777-Zip Zstandard Decompression Integer Underflow7-ZipunexploitablepocFalse2024
62024CVE-2024-21338Microsoft Windows AppLocker (appid.sys) Untrusted Pointer DereferenceMicrosoft WindowsLPEweaponizedTrue2024
72024CVE-2024-30078Microsoft Windows Wi-Fi Driver (nwifi.sys) OOB WriteMicrosoft WindowsDoSpocFalse2024
82024CVE-2024-30085Microsoft Windows Cloud Files Mini Filter (cldflt.sys) Heap Buffer OverflowMicrosoft WindowsLPEweaponizedFalse2024
92024CVE-2024-30088Microsoft Windows Kernel TOCTOU Race ConditionMicrosoft WindowsLPEweaponizedTrue2024
102024CVE-2024-35250Microsoft Windows Kernel Streaming (ks.sys and ksthink.sys) Untrusted Pointer DereferenceMicrosoft WindowsLPEweaponizedTrue2025
112024CVE-2024-38054Microsoft Windows Kernel Streaming WOW Thunk Service (ksthunk.sys) Heap Based OverflowMicrosoft WindowsLPEweaponizedFalse2024
122024CVE-2024-38077Microsoft Windows Remote Desktop Licensing Service (TermServLicensing) Heap Overflow (madlicense)Microsoft Windowspre-auth RCEweaponizedFalse2024
132024CVE-2024-38080Microsoft Windows Hyper-V Integer OverflowMicrosoft WindowsLPEweaponizedTrue2024
142024CVE-2024-38193Microsoft Windows Ancillary Function Driver for WinSock (afd.sys) Use After FreeMicrosoft WindowsLPEweaponizedTrue2024
152024CVE-2024-43572Microsoft Windows Management ConsoleMicrosoft WindowsRCEweaponizedTrue2024
162024CVE-2024-43639Microsoft Windows KDC Proxy (kpssvc.dll) Numeric Truncation ErrorMicrosoft WindowsunexploitablepocFalse2024
172024CVE-2024-46740Google Android (Linux Binder) Use After FreeGoogle AndroidLPEweaponizedFalse2025
182024CVE-2024-47575Fortinet Fortimanager Missing AuthenticationFortinet Fortimanagerpre-auth RCEweaponizedTrue2024
192024CVE-2024-7965Google Chrome Android TurboFan Instruction Selection BugGoogle ChromeRCEweaponizedTrue2024
202024CVE-2024-43511Microsoft Windows Kernel TOCTOU Race ConditionMicrosoft WindowsunexploitablepocFalse2024
212024CVE-2024-38178Microsoft Windows Scripting Engine (JScript9.dll) Internet Explorer/Edge Chakra Engine Type ConfusionMicrosoft Windows Internet Explorer/EdgeRCEweaponizedTrue2025
222024CVE-2024-49090Microsoft Windows Common Log File System Driver (clfs.sys) Untrusted Pointer DereferenceMicrosoft WindowsLPEweaponizedFalse2025
232025CVE-2025-21298Microsoft Windows OLE Double FreeMicrosoft WindowsunexploitablepocFalse2025
242025ZDI-CAN-25373Microsoft Windows LNK File UI MisrepresentationMicrosoft WindowsRCEweaponizedFalse2025
252024CVE-2024-38189Microsoft Project Improper Input ValidationMicrosoft ProjectRCEweaponizedTrue2025
262024CVE-2024-43454Microsoft Windows Remote Desktop Licensing Service (TermServLicensing) Relative Path TraversalMicrosoft WindowsArbitrary File DeletionweaponizedFalse2025
272025CVE-2025-21293Active Directory Domain Services Improper Access ControlMicrosoft WindowsLPEweaponizedFalse2025
282020CVE-2020-9054Zyxel NAS and Firewall Devices Command InjectionZyXelpre-auth RCEweaponizedTrue2025