CVE-2025-27797 |
Description: OS command injection vulnerability in the specific service exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to the product.
CVSS: CRITICAL (9.8) EPSS Score: 0.38%
April 9th, 2025 (10 days ago)
|
Description: Adobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that could result in arbitrary file read and code execution.
Of the 30 flaws in the product, 11 are rated Critical in severity -
CVE-2025-24446 (CVSS score: 9.1) - An improper input validation vulnerability that could result in an
CVSS: CRITICAL (9.1) EPSS Score: 1.3%
April 9th, 2025 (11 days ago)
|
CVE-2025-30282 |
Description: ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Authentication vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass authentication mechanisms and execute code with the privileges of the authenticated user. Exploitation of this issue requires user interaction in that a victim must be coerced into performing actions within the application.
CVSS: CRITICAL (9.1) EPSS Score: 0.52% SSVC Exploitation: none
April 8th, 2025 (11 days ago)
|
CVE-2025-30281 |
Description: ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitation of this issue does not require user interaction.
CVSS: CRITICAL (9.1) EPSS Score: 0.21% SSVC Exploitation: none
April 8th, 2025 (11 days ago)
|
CVE-2025-24447 |
Description: ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: CRITICAL (9.1) EPSS Score: 3.23% SSVC Exploitation: none
April 8th, 2025 (11 days ago)
|
CVE-2025-24446 |
Description: ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: CRITICAL (9.1) EPSS Score: 1.3% SSVC Exploitation: none
April 8th, 2025 (11 days ago)
|
CVE-2024-30224 |
Description: Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX. This issue affects WholesaleX: from n/a through 1.3.2.
CVSS: CRITICAL (10.0) EPSS Score: 0.42% SSVC Exploitation: none
April 8th, 2025 (11 days ago)
|
CVE-2024-29100 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot. This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4.
CVSS: CRITICAL (9.1) EPSS Score: 0.22% SSVC Exploitation: none
April 8th, 2025 (11 days ago)
|
CVE-2024-2890 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Tumult Inc. Tumult Hype Animations. This issue affects Tumult Hype Animations: from n/a through 1.9.12.
CVSS: CRITICAL (9.1) EPSS Score: 0.43% SSVC Exploitation: poc
April 8th, 2025 (11 days ago)
|
Description: Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes.
The vulnerability, tracked as CVE-2024-48887, carries a CVSS score of 9.3 out of a maximum of 10.0.
"An unverified password change vulnerability [CWE-620] in FortiSwitch GUI may allow a remote unauthenticated attacker to modify
CVSS: CRITICAL (9.3) EPSS Score: 0.09%
April 8th, 2025 (11 days ago)
|