Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-42191 |
Description: HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content.
CVSS: MEDIUM (6.5) EPSS Score: 0.01%
May 30th, 2025 (3 days ago)
|
|
CVE-2024-42190 |
Description: HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content.
CVSS: MEDIUM (6.5) EPSS Score: 0.01%
May 30th, 2025 (3 days ago)
|
|
CVE-2025-48378 |
Description: DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks. Version 9.13.9 fixes the issue.
CVSS: MEDIUM (6.1) EPSS Score: 0.05%
May 23rd, 2025 (10 days ago)
|
|
CVE-2025-48377 |
Description: DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, a specially crafted URL may be constructed which can inject an XSS payload that is triggered by using some module actions. Version 9.13.9 fixes the issue.
CVSS: MEDIUM (6.0) EPSS Score: 0.05% SSVC Exploitation: none
May 23rd, 2025 (10 days ago)
|
|
Description: This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.1. The following CVEs are assigned: CVE-2025-29837.
CVSS: MEDIUM (5.5) EPSS Score: 0.06%
May 21st, 2025 (12 days ago)
|
|
CVE-2025-4679 |
Description: A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers to obtain sensitive information via unspecified vectors.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
May 16th, 2025 (17 days ago)
|
|
CVE-2025-32703 |
Description: Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
CVSS: MEDIUM (5.5) EPSS Score: 0.05%
May 13th, 2025 (20 days ago)
|
|
CVE-2025-30394 |
Description: Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.
CVSS: MEDIUM (5.9) EPSS Score: 0.07%
May 13th, 2025 (20 days ago)
|
|
CVE-2025-29974 |
Description: Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.
CVSS: MEDIUM (5.7) EPSS Score: 0.07%
May 13th, 2025 (20 days ago)
|
|
CVE-2025-29968 |
Description: Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.
CVSS: MEDIUM (6.5) EPSS Score: 0.17%
May 13th, 2025 (20 days ago)
|