CVE-2025-44886 |
Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
May 20th, 2025 (18 days ago)
|
CVE-2025-44883 |
Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
May 20th, 2025 (18 days ago)
|
CVE-2025-47277 |
Description: vLLM, an inference and serving engine for large language models (LLMs), has an issue in versions 0.6.5 through 0.8.4 that ONLY impacts environments using the `PyNcclPipe` KV cache transfer integration with the V0 engine. No other configurations are affected. vLLM supports the use of the `PyNcclPipe` class to establish a peer-to-peer communication domain for data transmission between distributed nodes. The GPU-side KV-Cache transmission is implemented through the `PyNcclCommunicator` class, while CPU-side control message passing is handled via the `send_obj` and `recv_obj` methods. The intention was that this interface should only be exposed to a private network using the IP address specified by the `--kv-ip` CLI parameter. The vLLM documentation covers how this must be limited to a secured network. The default and intentional behavior from PyTorch is that the `TCPStore` interface listens on ALL interfaces, regardless of what IP address is provided. The IP address given was used only as the client-side address. vLLM was fixed with a workaround that forces the `TCPStore` instance to bind its socket to a specified private interface. As of version 0.8.5, vLLM limits the `TCPStore` socket to the private interface as configured.
CVSS: CRITICAL (9.8) EPSS Score: 0.06% SSVC Exploitation: none
May 20th, 2025 (18 days ago)
|
CVE-2025-46724 |
Description: Langroid is a Python framework to build large language model (LLM)-powered applications. Prior to version 0.53.15, `TableChatAgent` uses `pandas eval()`. If fed untrusted user input, as in a public-facing LLM application, it may be vulnerable to code injection. Langroid 0.53.15 sanitizes input to `TableChatAgent` by default to tackle the most common attack vectors, and adds several warnings about the risky behavior to the project documentation.
CVSS: CRITICAL (9.8) EPSS Score: 0.06% SSVC Exploitation: poc
May 20th, 2025 (18 days ago)
|
CVE-2025-44084 |
Description: D-Link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this vulnerability by crafting specific HTTP requests, triggering the command execution flaw and gaining highest-privilege shell access to the firmware system.
CVSS: CRITICAL (9.8) EPSS Score: 0.12%
May 20th, 2025 (18 days ago)
|
CVE-2025-48017 |
Description: Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files.
CVSS: CRITICAL (9.0) EPSS Score: 0.06% SSVC Exploitation: none
May 20th, 2025 (18 days ago)
|
CVE-2025-46412 |
Description:
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Vertiv
Equipment: Liebert RDU101 and Liebert UNITY
Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or achieve remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Vertiv products are affected:
Liebert RDU101: Versions 1.9.0.0 and prior
Liebert IS-UNITY: Versions 8.4.1.0 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288
Affected Vertiv products do not properly protect webserver functions that could allow an attacker to bypass authentication.
CVE-2025-46412 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-46412. A base score of 9.3 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.2.2 STACK-BASED BUFFER OVERFLOW CWE-121
Affected Vertiv products contain a stack-based buffer overflow vulnerability. An attacker could exploit this vulnerability to gain code execution on the device.
CVE-2025-41426 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the C...
CVSS: CRITICAL (9.8) EPSS Score: 0.08%
May 20th, 2025 (18 days ago)
|
CVE-2023-4041 |
Description:
1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: PrismaSeT Active - Wireless Panel Server
Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow unauthorized code execution, which could result in the unavailability of the PrismaSeT Active - Wireless Panel Server for voltage loss monitoring.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Schneider Electric products are affected:
PrismaSeT Active - Wireless Panel Server: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT ('CLASSIC BUFFER OVERFLOW') CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass. This issue affects "Standalone" and "Application" versions of Gecko Bootloader.
CVE-2023-4041 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critical Manufacturing, Energy
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: France
3.4 RESEARCHER
Schneider Elec...
CVSS: CRITICAL (9.8)
May 20th, 2025 (18 days ago)
|
CVE-2025-32433 |
Description:
1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: Galaxy VS, Galaxy VL, Galaxy VXL
Vulnerability: Missing Authentication for Critical Function
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to perform unauthenticated remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Schneider Electric products are affected:
Galaxy VS: All versions
Galaxy VL: All versions
Galaxy VXL: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or preventing access via firewall rules.
CVE-2025-32433 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critical Manufacturing, E...
CVSS: CRITICAL (10.0)
May 20th, 2025 (18 days ago)
|
CVE-2025-4978 |
Description: A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1.00.15NA. This affects an unknown part of the file /BRS_top.html of the component Basic Authentication. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.
CVSS: CRITICAL (9.3) EPSS Score: 0.29%
May 20th, 2025 (18 days ago)
|