Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2025-29266

Description: Unraid 7.0.0 before 7.0.1 allows remote users to access the Unraid WebGUI and web console as root without authentication if a container is running in Host networking mode with Use Tailscale enabled.

CVSS: CRITICAL (9.6)

EPSS Score: 0.12%

Source: CVE
March 31st, 2025 (about 1 month ago)

CVE-2025-3022

Description: Os command injection vulnerability in e-solutions e-management. This vulnerability allows an attacker to execute arbitrary commands on the server via the ‘client’ parameter in the /data/apache/e-management/api/api3.php endpoint.

CVSS: CRITICAL (9.3)

EPSS Score: 0.69%

Source: CVE
March 31st, 2025 (about 1 month ago)

CVE-2025-2071

Description: A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick WebUI, allowing remote attackers to execute arbitrary operating system commands via specially crafted input. This vulnerability arises due to improper handling of untrusted input, which is passed directly to system-level commands without adequate sanitization or validation. Successful exploitation could allow attackers to execute arbitrary commands on the affected system, potentially resulting in unauthorized access, data leakage, or full system compromise. Affected WebUI parameters are "hd" and "pi".

CVSS: CRITICAL (10.0)

EPSS Score: 1.05%

Source: CVE
March 31st, 2025 (about 1 month ago)

CVE-2025-26689

Description: Direct request ('Forced Browsing') issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If a remote attacker sends a specially crafted HTTP request to the product, the product data may be obtained or deleted, and/or the product settings may be altered.

CVSS: CRITICAL (9.8)

EPSS Score: 0.25%

Source: CVE
March 31st, 2025 (about 1 month ago)

CVE-2025-25211

Description: Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a brute-force attack may allow an attacker unauthorized access and login.

CVSS: CRITICAL (9.8)

EPSS Score: 0.06%

Source: CVE
March 31st, 2025 (about 1 month ago)

CVE-2025-3011

Description: SOOP-CLM from PiExtract has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

CVSS: CRITICAL (9.8)

EPSS Score: 0.11%

Source: CVE
March 31st, 2025 (about 1 month ago)

CVE-2025-1268

Description: Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver

CVSS: CRITICAL (9.4)

EPSS Score: 0.08%

Source: CVE
March 31st, 2025 (about 1 month ago)

CVE-2025-2266

Description: The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions() function in versions 8.6.5 to 8.7.5. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

CVSS: CRITICAL (9.8)

EPSS Score: 0.09%

Source: CVE
March 29th, 2025 (about 2 months ago)

CVE-2024-1735

Description: A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later.

CVSS: CRITICAL (9.1)

EPSS Score: 0.05%

SSVC Exploitation: none

Source: CVE
March 29th, 2025 (about 2 months ago)

CVE-2025-0282

Description: Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR--Recipients may share this information without restriction. Sources may use TLP:CLEAR when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be shared without restriction. For more information on the Traffic Light Protocol (TLP), see http://www.cisa.gov/tlp. Summary Description CISA analyzed three files obtained from a critical infrastructure’s Ivanti Connect Secure device after threat actors exploited Ivanti CVE-2025-0282 for initial access. One file—that CISA is calling RESURGE—has functionality similar to SPAWNCHIMERA in how it creates a Secure Shell (SSH) tunnel for command and control (C2). RESURGE also contains a series of commands that can modify files, manipulate integrity checks, and create a web shell that is copied to the running Ivanti boot disk. The second file is a variant of SPAWNSLOTH, that was contained within the RESURGE sample. The file tampers with the Ivanti device logs. The third file is a custom embedded binary that contains an open-source shell script and a subset of...

CVSS: CRITICAL (9.0)

Source: All CISA Advisories
March 28th, 2025 (about 2 months ago)