Threat and Vulnerability Intelligence Database

CVE-2025-24894

Description: SPID.AspNetCore.Authentication is an AspNetCore Remote Authenticator for SPID. Authentication using Spid and CIE is based on the SAML2 standard, which provides two entities. Identity Provider (IdP): the system that authenticates users and provides identity information (SAML assertion) to the Service Provider; in essence, it is responsible for the management of the credentials and identity of users. Service Provider (SP): the system that provides a service to the user and relies on the Identity Provider to authenticate the user; it receives SAML assertions from the IdP to grant access to resources. The validation logic of the signature is central, as it ensures that you cannot create a SAML response with arbitrary assertions and then impersonate other users. There is no guarantee that the first signature refers to the root object; it follows that if an attacker injects an item signed as the first element, all other signatures will not be verified. The only requirement is to have an XML element legitimately signed by the IdP, a condition that is easily met using the IdP's public metadata. An attacker could create an arbitrary SAML response that would be accepted by SPs using vulnerable SDKs, allowing him to impersonate any Spid and/or CIE user. This vulnerability has been addressed in version 3.4.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS: CRITICAL (9.1)

EPSS Score: 0.05%

Source: CVE
February 19th, 2025 (2 months ago)

CVE-2025-22654

Description: Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using Malicious Files. This issue affects Simplified: from n/a through 1.0.6.

CVSS: CRITICAL (10.0)

EPSS Score: 1.24%

Source: CVE
February 19th, 2025 (2 months ago)

CVE-2025-1023

Description: A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a time-based blind SQL Injection vulnerability in the EditEventTypes functionality. The newCountName parameter is directly concatenated into an SQL query without proper sanitization, allowing an attacker to manipulate database queries and execute arbitrary commands, potentially leading to data exfiltration, modification, or deletion.

CVSS: CRITICAL (9.3)

EPSS Score: 0.07%

Source: CVE
February 19th, 2025 (2 months ago)

CVE-2024-56000

Description: Incorrect Privilege Assignment vulnerability in NotFound K Elements allows Privilege Escalation. This issue affects K Elements: from n/a through n/a.

CVSS: CRITICAL (9.8)

EPSS Score: 0.11%

Source: CVE
February 19th, 2025 (2 months ago)

CVE-2024-39327

Description: Incorrect Access Control vulnerability in Atos Eviden IDRA before 2.6.1 could allow the possibility to obtain CA signing in an illegitimate way.

CVSS: CRITICAL (9.9)

EPSS Score: 0.04%

Source: CVE
February 19th, 2025 (2 months ago)

CVE-2024-13725

Description: The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included. If register_argc_argv is enabled on the server and pearcmd.php is installed, this issue might lead to Remote Code Execution.

CVSS: CRITICAL (9.8)

EPSS Score: 0.32%

Source: CVE
February 19th, 2025 (2 months ago)

CVE-2024-12860

Description: The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.4.3. This is due to the plugin not properly validating a token prior to updating a user's password. This makes it possible for unauthenticated attackers to change arbitrary users' passwords, including administrators', and leverage that to gain access to their accounts.

CVSS: CRITICAL (9.8)

EPSS Score: 0.06%

Source: CVE
February 19th, 2025 (2 months ago)

CVE-2025-24032

Description: Nessus Plugin ID 216405 with Critical Severity

Synopsis: The remote Debian host is missing a security-related update.

Description: The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4058 advisory.

Debian LTS Advisory DLA-4058-1 [email protected]
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
February 18, 2025 https://wiki.debian.org/LTS

Package : pam-pkcs11
Version : 0.6.11-4+deb11u1
CVE ID : CVE-2025-24032

A vulnerability was discovered in pam-pkcs11, a PAM module which allows to use PKCS#11 based smart cards in the PAM authentication stack, which may allow to bypass the authentication in some scenarios.

For Debian 11 bullseye, this problem has been fixed in version 0.6.11-4+deb11u1.

We recommend that you upgrade your pam-pkcs11 packages.

For the detailed security status of pam-pkcs11 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pam-pkcs11

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Tenable ha...

CVSS: CRITICAL (9.2)

EPSS Score: 0.05%

Source: Tenable Plugins
February 18th, 2025 (2 months ago)

CVE-2025-1387

Description: Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to log in to the system as any user.

CVSS: CRITICAL (9.8)

EPSS Score: 0.2%

Source: CVE
February 18th, 2025 (2 months ago)

CVE-2024-7591

Description: Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection. This issue affects:
* LoadMaster: 7.2.40.0 and above
* ECS: All versions
* Multi-Tenancy: 7.1.35.4 and above

CVSS: CRITICAL (10.0)

EPSS Score: 7.65%

Source: CVE
February 18th, 2025 (2 months ago)