CVE-2025-1907 |
Description: Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected.
CVSS: CRITICAL (9.8) EPSS Score: 0.14%
May 30th, 2025 (8 days ago)
|
CVE-2025-4967 |
Description: Esri Portal for ArcGIS 11.4 and prior allows a remote, unauthenticated attacker to bypass the Portal’s SSRF protections.
CVSS: CRITICAL (9.1) EPSS Score: 0.03% SSVC Exploitation: none
May 29th, 2025 (8 days ago)
|
CVE-2025-47933 |
Description: Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.13.8, 2.14.13, and 3.0.4, an attacker can perform arbitrary actions on behalf of the victim via the API. Due to the improper filtering of URL protocols in the repository page, an attacker can achieve cross-site scripting with permission to edit the repository. This issue has been patched in versions 2.13.8, 2.14.13, and 3.0.4.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
May 29th, 2025 (8 days ago)
|
CVE-2025-48336 |
Description: Deserialization of Untrusted Data vulnerability in ThimPress Course Builder allows Object Injection. This issue affects Course Builder: from n/a before 3.6.6.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
May 29th, 2025 (8 days ago)
|
Description: Summary
Fabio allows clients to remove X-Forwarded headers (except X-Forwarded-For) due to a vulnerability in how it processes hop-by-hop headers.
Fabio adds HTTP headers like X-Forwarded-Host and X-Forwarded-Port when routing requests to backend applications. Since the receiving application should trust these headers, allowing HTTP clients to remove or modify them creates potential security vulnerabilities.
However, it was found that some of these custom headers can indeed be removed and, in certain cases, manipulated. The attack relies on the behavior that headers can be defined as hop-by-hop via the HTTP Connection header. By setting the following connection header, the X-Forwarded-Host header can, for example, be removed:
Connection: close, X-Forwarded-Host
Similar critical vulnerabilities have been identified in other web servers and proxies, including CVE-2022-31813 in Apache HTTP Server and CVE-2024-45410 in Traefik.
Details
It was found that the following headers can be removed in this way (i.e. by specifying them within a connection header):
X-Forwarded-Host
X-Forwarded-Port
X-Forwarded-Proto
X-Real-Ip
Forwarded
PoC
The following docker-compose file was used for testing:
version: '3'
services:
  fabio:
    image: fabiolb/fabio
    ports:
      - "3000:9999"
      - "9998:9998"
    volumes:
      - ./fabio.properties:/etc/fabio/fabio.properties
  backend:
    build: .
    ports:
      - "8080:8080"
    environment:
      - PYTHONUNBUFFERED=1
The fabio.properti...
CVSS: CRITICAL (9.8)
May 29th, 2025 (8 days ago)
|
CVE-2024-23627 |
Description: A command injection vulnerability exists in the 'SaveStaticRouteIPv4Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required but can be bypassed.
CVSS: CRITICAL (9.0) EPSS Score: 0.86% SSVC Exploitation: none
May 29th, 2025 (8 days ago)
|
CVE-2024-23625 |
Description: A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVSS: CRITICAL (9.6) EPSS Score: 7.63% SSVC Exploitation: none
May 29th, 2025 (8 days ago)
|
CVE-2024-23615 |
Description: A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
CVSS: CRITICAL (10.0) EPSS Score: 7.55% SSVC Exploitation: none
May 29th, 2025 (8 days ago)
|
CVE-2024-23613 |
Description: A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.
CVSS: CRITICAL (10.0) EPSS Score: 5.78% SSVC Exploitation: none
May 29th, 2025 (8 days ago)
|
CVE-2024-20253 |
Description: A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device.
CVSS: CRITICAL (9.9) EPSS Score: 1.17% SSVC Exploitation: none
May 29th, 2025 (8 days ago)
|