Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-27363
Amazon Linux 2023 : freetype, freetype-demos, freetype-devel (ALAS2023-2025-925)
🚨 Marked as known exploited on April 17th, 2025 (about 7 hours ago).
Description: Nessus Plugin ID 234514 with High Severity Synopsis The remote Amazon Linux 2023 host is missing a security update. Description It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-925 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild. (CVE-2025-27363)Tenable has extracted the preceding description block directly from the tested product security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Run 'dnf update freetype --releasever 2023.7.20250331' to update your system. Read more at https://www.tenable.com/plugins/nessus/234514

CVSS: HIGH (8.1)

Source: Tenable Plugins
April 17th, 2025 (about 7 hours ago)

CVE-2025-31200
A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and...
🚨 Marked as known exploited on April 17th, 2025 (about 14 hours ago).
Description: A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

CVSS: HIGH (7.5)

SSVC Exploitation: none

Source: CVE
April 16th, 2025 (about 23 hours ago)
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
🚨 Marked as known exploited on April 11th, 2025 (7 days ago).
Description: A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites. "The

CVSS: HIGH (8.1)

EPSS Score: 0.17%

Source: TheHackerNews
April 11th, 2025 (7 days ago)

CVE-2022-21658
Siemens SIDIS Prime
🚨 Marked as known exploited on April 10th, 2025 (7 days ago).
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIDIS Prime Vulnerabilities: Race Condition Enabling Link Following, Improper Validation of Integrity Check Value, Unchecked Input for Loop Condition, Expected Behavior Violation, Incorrect Provision of Specified Functionality, Heap-based Buffer Overflow, Cleartext Transmission of Sensitive Information, Use After Free, NULL Pointer Dereference, Exposure of Sensitive Information to an Unauthorized Actor, Out-of-bounds Write, Improper Input Validation, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute unauthorized deletions, cause denial of service, corrupt application state, leak sensitive information, or potentially execute remote code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SIDIS Prime: All versions before V4.0.700 3.2 VULNERABILITY OVERVIEW 3.2.1 RACE CONDITION ENABLING LINK FOLLOWING CWE-363 Rust is a multi-paradigm, general-purpose programming language designed for performance and safety,...

CVSS: HIGH (7.3)

Source: All CISA Advisories
April 10th, 2025 (7 days ago)

CVE-2025-3102
SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation
🚨 Marked as known exploited on April 11th, 2025 (7 days ago).
Description: The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'autheticate_user' function in all versions up to, and including, 1.0.78. This makes it possible for unauthenticated attackers to create administrator accounts on the target website when the plugin is installed and activated but not configured with an API key.

CVSS: HIGH (8.1)

EPSS Score: 0.17%

Source: CVE
April 10th, 2025 (8 days ago)
Microsoft Fixes Actively Exploited CLFS Zero-Day Used in Ransomware Attacks
🚨 Marked as known exploited on April 10th, 2025 (7 days ago).
Description: Microsoft’s April 2025 Patch Tuesday rollout includes a critical fix for an actively exploited zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824, which threat actors have used to launch ransomware attacks across multiple sectors. The vulnerability was discovered by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center … The post Microsoft Fixes Actively Exploited CLFS Zero-Day Used in Ransomware Attacks appeared first on CyberInsider.

CVSS: HIGH (7.8)

EPSS Score: 3.59%

Source: CyberInsider
April 8th, 2025 (9 days ago)
Microsoft’s April 2025 Patch Tuesday Addresses 121 CVEs (CVE-2025-29824)
🚨 Marked as known exploited on April 10th, 2025 (7 days ago).
Description: 11Critical110Important0Moderate0LowMicrosoft addresses 121 CVEs including one zero-day which was exploited in the wild.Microsoft patched 121 CVEs in its April 2025 Patch Tuesday release, with 11 rated critical and 110 rated as important.This month’s update includes patches for:ASP.NET CoreActive Directory Domain ServicesAzure LocalAzure Local ClusterAzure Portal Windows Admin CenterDynamics Business CentralMicrosoft AutoUpdate (MAU)Microsoft Edge (Chromium-based)Microsoft Edge for iOSMicrosoft OfficeMicrosoft Office ExcelMicrosoft Office OneNoteMicrosoft Office SharePointMicrosoft Office WordMicrosoft Streaming ServiceMicrosoft Virtual Hard DriveOpenSSH for WindowsOutlook for AndroidPower AutomateRPC Endpoint Mapper ServiceRemote Desktop ClientRemote Desktop Gateway ServiceSystem CenterVisual StudioVisual Studio CodeVisual Studio Tools for Applications and SQL Server Management StudioWindows Active Directory Certificate ServicesWindows BitLockerWindows Bluetooth ServiceWindows Common Log File System DriverWindows Cryptographic ServicesWindows DWM Core LibraryWindows Defender Application Control (WDAC)Windows Digital MediaWindows HTTP.sysWindows HelloWindows Hyper-VWindows InstallerWindows KerberosWindows KernelWindows Kernel MemoryWindows Kernel-Mode DriversWindows LDAP - Lightweight Directory Access ProtocolWindows Local Security Authority (LSA)Windows Local Session Manager (LSM)Windows Mark of the Web (MOTW)Windows MediaWindows Mobile BroadbandWindows NTFSWindows Power D...

CVSS: HIGH (7.8)

EPSS Score: 3.59%

Source: Tenable Blog
April 8th, 2025 (9 days ago)

CVE-2025-29824
Windows Common Log File System Driver Elevation of Privilege Vulnerability
🚨 Marked as known exploited on April 8th, 2025 (9 days ago).
Description: Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.8)

EPSS Score: 3.59%

SSVC Exploitation: active

Source: CVE
April 8th, 2025 (9 days ago)
[matrix-synapse] Synapse vulnerable to federation denial of service via malformed events
🚨 Marked as known exploited on April 10th, 2025 (7 days ago).
Description: Impact A malicious server can craft events which, when received, prevent Synapse version up to 1.127.0 from federating with other servers. The vulnerability has been exploited in the wild. Patches Fixed in Synapse v1.127.1. Workarounds Closed federation environments of trusted servers or non-federating installations are not affected. For more information If you have any questions or comments about this advisory, please email us at security at element.io. References https://github.com/element-hq/synapse/security/advisories/GHSA-v56r-hwv5-mxg6 https://nvd.nist.gov/vuln/detail/CVE-2025-30355 https://github.com/element-hq/synapse/commit/2277df2a1eb685f85040ef98fa21d41aa4cdd389 https://github.com/element-hq/synapse/releases/tag/v1.127.1 https://github.com/advisories/GHSA-v56r-hwv5-mxg6

CVSS: HIGH (7.1)

EPSS Score: 0.7%

Source: Github Advisory Database (PIP)
March 27th, 2025 (21 days ago)

CVE-2025-30355
Synapse vulnerable to federation denial of service via malformed events
🚨 Marked as known exploited on March 27th, 2025 (21 days ago).
Description: Synapse is an open source Matrix homeserver implementation. A malicious server can craft events which, when received, prevent Synapse version up to 1.127.0 from federating with other servers. The vulnerability has been exploited in the wild and has been fixed in Synapse v1.127.1. No known workarounds are available.

CVSS: HIGH (7.1)

EPSS Score: 0.7%

SSVC Exploitation: none

Source: CVE
March 27th, 2025 (21 days ago)