Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched.
The attackers are believed to have leveraged known and now-patched security flaws, including, but not limited to, CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762.
"A threat actor used a known
CVSS: CRITICAL (9.8)
April 11th, 2025 (8 days ago)
|
CVE-2025-32079 |
Description: Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments allows HTTP DoS.This issue affects Mediawiki - GrowthExperiments: from 1.39 through 1.43.
CVSS: CRITICAL (10.0) EPSS Score: 0.1% SSVC Exploitation: none
April 11th, 2025 (8 days ago)
|
|
CVE-2025-32074 |
Description: Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43.
CVSS: CRITICAL (10.0) EPSS Score: 0.06%
April 11th, 2025 (8 days ago)
|
|
CVE-2025-32073 |
Description: Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - HTML Tags allows Cross-Site Scripting (XSS).This issue affects Mediawiki - HTML Tags: from 1.39 through 1.43.
CVSS: CRITICAL (10.0) EPSS Score: 0.1% SSVC Exploitation: none
April 11th, 2025 (8 days ago)
|
|
CVE-2025-32071 |
Description: Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Wikidata Extension allows Cross-Site Scripting (XSS) from widthheight message via ImageHandler::getDimensionsString()This issue affects Mediawiki - Wikidata Extension: from 1.39 through 1.43.
CVSS: CRITICAL (10.0) EPSS Score: 0.1%
April 11th, 2025 (8 days ago)
|
|
CVE-2025-32070 |
Description: Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - AJAX Poll Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - AJAX Poll Extension: from 1.39 through 1.43.
CVSS: CRITICAL (10.0) EPSS Score: 0.1%
April 11th, 2025 (8 days ago)
|
|
CVE-2025-32069 |
Description: Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Wikibase Media Info Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Wikibase Media Info Extension: from 1.39 through 1.43.
CVSS: CRITICAL (10.0) EPSS Score: 0.1%
April 11th, 2025 (8 days ago)
|
|
CVE-2025-32068 |
Description: Incorrect Authorization vulnerability in The Wikimedia Foundation Mediawiki - OAuth Extension allows Authentication Bypass.This issue affects Mediawiki - OAuth Extension: from 1.39 through 1.43.
CVSS: CRITICAL (10.0) EPSS Score: 0.08%
April 11th, 2025 (8 days ago)
|
|
CVE-2025-32067 |
Description: Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Growth Experiments Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Growth Experiments Extension: from 1.39 through 1.43.
CVSS: CRITICAL (10.0) EPSS Score: 0.1%
April 11th, 2025 (8 days ago)
|
|
CVE-2024-4872 |
Description: A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability
an attacker must have a valid credential.
CVSS: CRITICAL (9.9) EPSS Score: 0.14% SSVC Exploitation: none
April 11th, 2025 (8 days ago)
|