CVE-2024-13446 |
Description: The Workreap plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.2.5. This is due to the plugin not properly validating a user's identity prior to (1) performing a social auto-login or (2) updating their profile details (e.g. password). This makes it possible for unauthenticated attackers to (1) log in as an arbitrary user if their email address is known or (2) change an arbitrary user's password, including administrators, and leverage that to gain access to their account. NOTE: This vulnerability was partially fixed in version 3.2.5.
CVSS: CRITICAL (9.8) EPSS Score: 0.09%
March 12th, 2025 (about 1 month ago)
|
CVE-2025-28915 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit allows Upload a Web Shell to a Web Server. This issue affects ThemeEgg ToolKit: from n/a through 1.2.9.
CVSS: CRITICAL (9.1) EPSS Score: 1.91%
March 11th, 2025 (about 1 month ago)
|
CVE-2025-26701 |
Description: An issue was discovered in Percona PMM Server (OVA) before 3.0.0-1.ova. The default service account credentials can lead to SSH access, use of Sudo to root, and sensitive data exposure. This is fixed in PMM2 2.42.0-1.ova, 2.43.0-1.ova, 2.43.1-1.ova, 2.43.2-1.ova, and 2.44.0-1.ova and in PMM3 3.0.0-1.ova and later.
CVSS: CRITICAL (10.0) EPSS Score: 0.06%
March 11th, 2025 (about 1 month ago)
|
CVE-2024-54085 |
Description: AMI's SPx contains a vulnerability in the BMC where an attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
CVSS: CRITICAL (10.0) EPSS Score: 0.1%
March 11th, 2025 (about 1 month ago)
|
CVE-2024-27115 |
Description: An unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files that are moved to a publicly accessible folder before verifying any requirements. This leads to the possibility of execution of code on the underlying system when the file is triggered. The vulnerability has been remediated in version 1.52.02.
CVSS: CRITICAL (10.0) EPSS Score: 79.33% SSVC Exploitation: none
March 11th, 2025 (about 1 month ago)
|
CVE-2024-27113 |
Description: An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulnerability to gain access to the underlying database by exporting it as a CSV file. The vulnerability has been remediated in version 1.52.02.
CVSS: CRITICAL (9.3) EPSS Score: 0.14% SSVC Exploitation: none
March 11th, 2025 (about 1 month ago)
|
CVE-2024-27112 |
Description: An unauthenticated SQL Injection has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulnerability to gain access to the underlying database. The vulnerability has been remediated in version 1.52.02.
CVSS: CRITICAL (9.3) EPSS Score: 0.12% SSVC Exploitation: none
March 11th, 2025 (about 1 month ago)
|
CVE-2024-21876 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unauthenticated attacker to access or create arbitrary files. This issue affects Envoy: from 4.x to 8.x and < 8.2.4225.
CVSS: CRITICAL (9.3) EPSS Score: 0.19% SSVC Exploitation: none
March 11th, 2025 (about 1 month ago)
|
CVE-2025-1744 |
Description:
Nessus Plugin ID 232570 with Critical Severity
Synopsis
The remote CBL Mariner host is missing one or more security updates.
Description
The version of cloud-hypervisor installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1744 advisory. - Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow. This issue affects radare2: before <5.9.9. (CVE-2025-1744) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/232570
CVSS: CRITICAL (10.0) EPSS Score: 0.05%
March 11th, 2025 (about 1 month ago)
|
CVE-2017-12166 |
Description:
Nessus Plugin ID 232579 with Critical Severity
Synopsis
The remote Ubuntu host is missing one or more security updates.
Description
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7340-1 advisory. It was discovered that OpenVPN did not perform proper input validation when generating a TLS key under certain configuration, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS. (CVE-2017-12166) Reynir Björnsson discovered that OpenVPN incorrectly handled certain control channel messages with nonprintable characters. A remote attacker could possibly use this issue to cause OpenVPN to consume resources, or fill up log files with garbage, leading to a denial of service. (CVE-2024-5594) Tenable has extracted the preceding description block directly from the Ubuntu security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected openvpn package.
Read more at https://www.tenable.com/plugins/nessus/232579
CVSS: CRITICAL (9.8)
March 11th, 2025 (about 1 month ago)
|