Threat and Vulnerability Intelligence Database

CVE-2024-11957

Description: Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions less than or equal to 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough.

CVSS: CRITICAL (9.3)

EPSS Score: 0.01%

Source: CVE
March 4th, 2025 (3 months ago)

CVE-2025-22224

🚨 Marked as known exploited on April 10th, 2025 (2 months ago).
Description: Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. The list of vulnerabilities is as follows - CVE-2025-22224 (CVSS score: 9.3) - A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with

CVSS: CRITICAL (9.3)

EPSS Score: 24.22%

Source: TheHackerNews
March 4th, 2025 (3 months ago)

CVE-2025-22224

Description: VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploitation enables an attacker with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host.

CVSS: CRITICAL (9.3)

EPSS Score: 24.22%

Source: CISA KEV
March 4th, 2025 (3 months ago)

CVE-2025-22224

🚨 Marked as known exploited on March 4th, 2025 (3 months ago).
Description: VMware ESXi and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

CVSS: CRITICAL (9.3)

EPSS Score: 24.22%

Source: CVE
March 4th, 2025 (3 months ago)

CVE-2025-1307

Description: The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check in the newscrunch_install_and_activate_plugin() function in all versions up to, and including, 1.8.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS: CRITICAL (9.8)

EPSS Score: 3.57%

Source: CVE
March 4th, 2025 (3 months ago)

CVE-2025-0912

Description: The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.4 via deserialization of untrusted input from the Donation Form through the 'card_address' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to achieve remote code execution.

CVSS: CRITICAL (9.8)

EPSS Score: 1.62%

Source: CVE
March 4th, 2025 (3 months ago)

CVE-2025-22273

Description: CVE-2025-22273: Allocation of Resources Without Limits or Throttling

CVSS: CRITICAL (9.3)

EPSS Score: 0.05%

Source: DarkWebInformer
March 4th, 2025 (3 months ago)

CVE-2025-27590

Description: In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web.

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-27590
https://github.com/ytti/oxidized-web/commit/a5220a0ddc57b85cd122bffee228d3ed4901668e
https://github.com/ytti/oxidized-web/releases/tag/0.15.0
https://github.com/advisories/GHSA-jx6p-9c26-g373

CVSS: CRITICAL (9.0)

EPSS Score: 0.13%

Source: Github Advisory Database (RubyGems)
March 3rd, 2025 (3 months ago)

CVE-2024-0012

CVSS: CRITICAL (9.3)

Source: Palo Alto Networks Security Advisories
March 3rd, 2025 (3 months ago)

CVE-2025-26206

Description: Cross Site Request Forgery vulnerability in sell done storefront v.1.0 allows a remote attacker to escalate privileges via the index.html component

CVSS: CRITICAL (9.0)

EPSS Score: 0.05%

Source: CVE
March 3rd, 2025 (3 months ago)