🚨 Marked as known exploited on April 10th, 2025 (10 days ago).
Description: Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center.
The two critical-rated vulnerabilities in question are listed below -
CVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to an
CVSS: CRITICAL (9.8) EPSS Score: 89.45%
March 21st, 2025 (about 1 month ago)
|
Description: Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. [...]
CVSS: CRITICAL (9.9) EPSS Score: 0.53%
March 20th, 2025 (about 1 month ago)
|
CVE-2024-39704 |
Description: Soft Circle French-Bread Melty Blood: Actress Again: Current Code through 1.07 Rev. 1.4.0 allows a remote attacker to execute arbitrary code on a client's machine via a crafted packet on TCP port 46318.
CVSS: CRITICAL (9.8) EPSS Score: 0.53% SSVC Exploitation: none
March 20th, 2025 (about 1 month ago)
|
CVE-2025-2538 |
Description: A specific type of ArcGIS Enterprise deployment is vulnerable to a password recovery exploitation vulnerability in Portal that could allow an attacker to reset the password on the built-in admin account.
CVSS: CRITICAL (9.8) EPSS Score: 0.1%
March 20th, 2025 (about 1 month ago)
|
CVE-2025-29980 |
Description: A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.77. eTRAKiT.Net is no longer supported, and users are recommended to migrate to the latest version of CentralSquare Community Development.
CVSS: CRITICAL (9.3) EPSS Score: 0.06% SSVC Exploitation: none
March 20th, 2025 (about 1 month ago)
|
Description: Impact
The APIExport Virtual Workspace can be used to manage objects in workspaces that bind that APIExport for resources defined in the APIExport or specified and accepted via permission claims. This allows an API provider (via their APIExport) scoped down access to workspaces of API consumers to provide their services properly.
The identified vulnerability allows creating or deleting an object via the APIExport VirtualWorkspace in any arbitrary target workspace for pre-existing resources. By design, this should only be allowed when the workspace owner decides to give access to an API provider by creating an APIBinding.
With this vulnerability, it is possible for an attacker to create and delete objects even if none of these requirements are satisfied, i.e. even if there is no APIBinding in that workspace at all or the workspace owner has created an APIBinding, but rejected a permission claim.
Patches
A fix for this issue has been identified and has been published with kcp 0.26.3 and 0.27.0.
Workarounds
For users unable to upgrade to one of the patched versions, the following guidance can be given:
Minimise the set of people with apiexport/content sub-resource access to APIExport resources. Be aware that this has to apply to all workspaces to be effective.
Filter incoming requests in a reverse proxy with a similar logic as the authorizer added in the referenced pull request.
References
See pull request (https://github.com/kcp-dev/kcp/pull/3338).
References
https://gith...
CVSS: CRITICAL (9.6) EPSS Score: 0.03%
March 20th, 2025 (about 1 month ago)
|
Description: Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution. The vulnerability is due to improper handling of base64-encoded data in the ElasticRendezvousHandler, a subclass of KVStoreHandler. Specifically, the _put_value method in ElasticRendezvousHandler calls codec.loads_base64(value), which eventually invokes cloudpickle.loads(decoded). This allows an attacker to send a malicious pickle object via a PUT request, leading to arbitrary code execution on the server.
References
https://nvd.nist.gov/vuln/detail/CVE-2024-10190
https://huntr.com/bounties/3e398d1f-70c2-4e05-ae22-f5d66b19a754
https://github.com/advisories/GHSA-mrhh-3ggq-23p2
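The flaw described above is the classic "base64 is not authentication, pickle is not a data format" mistake: anything that reaches `pickle.loads` (which is what `cloudpickle.loads` is) gets to run code. The block below is an added illustration, not Horovod's code: a minimal KV handler that mirrors the vulnerable decode path beside a hardened one that accepts only size-capped, base64-wrapped JSON built from plain data types. The class and method names, the `_record` marker side channel and the sample body are all constructed for this example.

```python
"""Why base64 + pickle in a KV handler is remote code execution, and one safe replacement."""
import base64
import json
import pickle

# Constructed side channel: the payload makes the unpickler append a marker here,
# standing in for whatever an attacker would really run on the server.
EXECUTED = []


def _record(marker):
    EXECUTED.append(marker)
    return marker


class MaliciousPayload:
    """Constructed object: pickle serialises it as a call to _record(marker),
    so pickle.loads() on the receiving side executes that call."""

    def __init__(self, marker):
        self.marker = marker

    def __reduce__(self):
        return (_record, (self.marker,))


def build_put_value(marker="rce-marker"):
    """Body an attacker would send in the PUT request: base64 of a pickle."""
    return base64.b64encode(pickle.dumps(MaliciousPayload(marker))).decode("ascii")


def legitimate_body(obj):
    """Body a well-behaved client would send to the hardened handler: base64 of JSON."""
    return base64.b64encode(json.dumps(obj).encode("utf-8")).decode("ascii")


class VulnerableKVStore:
    """Mirrors the flawed pattern: base64-decode, then pickle.loads, the PUT body.
    (cloudpickle.loads is pickle.loads; the extra layer changes nothing here.)"""

    def __init__(self):
        self.store = {}

    def put_value(self, scope, key, value):
        decoded = base64.b64decode(value)
        obj = pickle.loads(decoded)  # attacker-controlled __reduce__ runs here
        self.store[(scope, key)] = obj
        return obj


class HardenedKVStore:
    """Accept only base64-wrapped JSON made of plain data types, with a size cap."""

    MAX_BODY = 64 * 1024
    SCALARS = (str, int, float, bool, type(None))

    def __init__(self):
        self.store = {}

    @classmethod
    def _check_plain_data(cls, obj, depth=0):
        if depth > 16:
            raise ValueError("nesting too deep")
        if isinstance(obj, cls.SCALARS):
            return
        if isinstance(obj, list):
            for item in obj:
                cls._check_plain_data(item, depth + 1)
            return
        if isinstance(obj, dict):
            for k, v in obj.items():
                if not isinstance(k, str):
                    raise ValueError("non-string key")
                cls._check_plain_data(v, depth + 1)
            return
        raise ValueError(f"unexpected type {type(obj).__name__}")

    def put_value(self, scope, key, value):
        if len(value) > self.MAX_BODY:
            raise ValueError("body too large")
        try:
            # binascii.Error, UnicodeDecodeError and JSONDecodeError are all ValueErrors
            decoded = base64.b64decode(value, validate=True)
            obj = json.loads(decoded)
        except ValueError as exc:
            raise ValueError(f"rejected PUT body: {exc}") from None
        self._check_plain_data(obj)
        self.store[(scope, key)] = obj
        return obj


def demo():
    """Send the same attacker body to both handlers; return (vulnerable_ran, hardened_rejected)."""
    body = build_put_value("rce-marker")
    EXECUTED.clear()
    VulnerableKVStore().put_value("rendezvous", "host0", body)
    vulnerable_ran = "rce-marker" in EXECUTED
    hardened_rejected = False
    try:
        HardenedKVStore().put_value("rendezvous", "host0", body)
    except ValueError:
        hardened_rejected = True
    return vulnerable_ran, hardened_rejected
```

The hardened handler also refuses a pickle of a harmless object, because the point is not to recognise bad pickles but to never hand untrusted bytes to an unpickler at all; if a richer schema than JSON is needed, validate it field by field after parsing rather than reaching for a "restricted" unpickler.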
CVSS: CRITICAL (9.8) EPSS Score: 0.5%
March 20th, 2025 (about 1 month ago)
|
CVE-2025-29922 |
Description: kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.26.3, the identified vulnerability allows creating or deleting an object via the APIExport VirtualWorkspace in any arbitrary target workspace for pre-existing resources. By design, this should only be allowed when the workspace owner decides to give access to an API provider by creating an APIBinding. With this vulnerability, it is possible for an attacker to create and delete objects even if none of these requirements are satisfied, i.e. even if there is no APIBinding in that workspace at all or the workspace owner has created an APIBinding, but rejected a permission claim. A fix for this issue has been identified and has been published with kcp 0.26.3 and 0.27.0.
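The two kcp entries above (the GHSA text and this CVE summary) describe the rule the virtual workspace is supposed to enforce: a provider may only touch a consumer workspace that has bound its APIExport, and only for resources the export serves or for permission claims the owner accepted. The block below is an added example that models that check in plain Python; it is not kcp's authorizer (that lives in the pull request the advisory references), and the class names, field names, workspace paths such as `root:team-a`, the `widgets.example.io` export and the `Accepted`/`Rejected` states are all constructed for illustration.

```python
"""Model of the APIBinding / permission-claim check that an APIExport virtual
workspace must pass before creating or deleting objects in a consumer workspace."""
from dataclasses import dataclass


@dataclass(frozen=True)
class PermissionClaim:
    group: str
    resource: str
    state: str  # "Accepted" or "Rejected", decided by the consumer workspace owner


@dataclass(frozen=True)
class APIExport:
    path: str              # provider workspace path, e.g. "root:provider" (constructed)
    name: str
    served: frozenset      # (group, resource) pairs whose schemas the export defines
    claimed: frozenset     # (group, resource) pairs the provider asks for via claims


@dataclass(frozen=True)
class APIBinding:
    workspace: str         # consumer workspace the binding lives in
    export_path: str
    export_name: str
    claims: tuple          # PermissionClaim entries the owner accepted or rejected


@dataclass(frozen=True)
class VirtualWorkspaceRequest:
    export: APIExport
    target_workspace: str
    group: str
    resource: str


def authorize(req, bindings):
    """Return (allowed, reason). Deny unless the target workspace's owner bound this
    APIExport and, for a claimed resource, accepted the matching permission claim."""
    binding = next(
        (b for b in bindings
         if b.workspace == req.target_workspace
         and (b.export_path, b.export_name) == (req.export.path, req.export.name)),
        None,
    )
    if binding is None:
        # The vulnerable path skipped exactly this check.
        return False, "no APIBinding for this APIExport in target workspace"

    gr = (req.group, req.resource)
    if gr in req.export.served:
        return True, "resource is served by the bound APIExport"
    if gr in req.export.claimed:
        for claim in binding.claims:
            if (claim.group, claim.resource) == gr:
                if claim.state == "Accepted":
                    return True, "permission claim accepted by workspace owner"
                return False, f"permission claim {claim.state.lower()} by workspace owner"
        return False, "permission claim not acknowledged in APIBinding"
    return False, "resource neither served nor claimed by APIExport"


# Constructed fixtures: one provider export, one consumer workspace that bound it,
# accepting the configmaps claim and rejecting the secrets claim.
EXPORT = APIExport(
    path="root:provider", name="widgets.example.io",
    served=frozenset({("widgets.example.io", "widgets")}),
    claimed=frozenset({("", "configmaps"), ("", "secrets")}),
)
BINDINGS = (
    APIBinding(
        workspace="root:team-a", export_path="root:provider", export_name="widgets.example.io",
        claims=(PermissionClaim("", "configmaps", "Accepted"),
                PermissionClaim("", "secrets", "Rejected")),
    ),
)


def scenario(target_workspace, group, resource):
    """Convenience wrapper: is a provider write to (group, resource) in target_workspace allowed?"""
    req = VirtualWorkspaceRequest(EXPORT, target_workspace, group, resource)
    return authorize(req, BINDINGS)[0]
```

The three deny cases in the fixtures are the ones the advisory lists: a workspace with no binding at all (`root:team-b`), a claim the owner rejected (`secrets`), and a resource the export never claimed. Filtering requests in a reverse proxy, as the workaround suggests, means reproducing this decision from the request's target workspace and resource before forwarding it.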
CVSS: CRITICAL (9.6) EPSS Score: 0.03%
March 20th, 2025 (about 1 month ago)
|
CVE-2025-23120 |
Description: A vulnerability in Veeam Backup & Replication allowing remote code execution (RCE) by domain users against domain-joined installations.
CVSS: CRITICAL (9.9) EPSS Score: 0.53%
March 20th, 2025 (about 1 month ago)
|
CVE-2024-1811 |
Description: A potential vulnerability has been identified in OpenText ArcSight Platform. The vulnerability could be remotely exploited.
CVSS: CRITICAL (9.8) EPSS Score: 0.24% SSVC Exploitation: none
March 20th, 2025 (about 1 month ago)
|