CVE-2025-0282 |
Description: Critical Vulnerability CVE-2025-0282 in Ivanti Connect Secure Enables Remote Command Execution via Buffer Overflow
CVSS: CRITICAL (9.0) EPSS Score: 15.33%
January 14th, 2025 (3 months ago)
|
CVE-2024-50603 |
Description: The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware.
CVSS: CRITICAL (10.0) EPSS Score: 92.43%
January 13th, 2025 (3 months ago)
|
CVE-2024-50603 |
Description: Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. [...]
CVSS: CRITICAL (10.0) EPSS Score: 92.43%
January 13th, 2025 (3 months ago)
|
CVE-2024-51501 |
Description: Impact
The Heartcore headless client library depends on Refit to assist in making HTTP requests to Heartcore public APIs. Refit recently published an advisory regarding a CRLF injection vulnerability whereby it is possible for a malicious user to smuggle additional headers or potentially body content into a request.
This shouldn't affect Heartcore client library usage as the vulnerable method - HttpHeaders.TryAddWithoutValidation - is not used. However, since Refit is a transitive dependency for applications using this library, any users making direct use of Refit could be vulnerable.
Patches
The vulnerable version of Refit has been upgraded to a secure version, as of Umbraco.Headless.Client.Net version 1.5.0, available on Nuget.
Workarounds
If calling Refit from your own code, set any necessary HTTP headers without use of HttpHeaders.TryAddWithoutValidation.
References
See the original Refit advisory for further info.
https://github.com/reactiveui/refit/security/advisories/GHSA-3hxg-fxwm-8gf7
https://github.com/umbraco/Umbraco.Headless.Client.Net/security/advisories/GHSA-mgr7-5782-6jh9
https://nvd.nist.gov/vuln/detail/CVE-2024-51501
https://github.com/advisories/GHSA-mgr7-5782-6jh9
CVSS: CRITICAL (10.0)
January 13th, 2025 (3 months ago)
|
CVE-2024-50603 |
Description: A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners.
Cloud security firm Wiz said it's currently responding to "multiple incidents" involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in
CVSS: CRITICAL (10.0) EPSS Score: 92.43%
January 13th, 2025 (3 months ago)
|
CVE-2023-48365 |
Description: Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.
CVSS: CRITICAL (9.6)
January 13th, 2025 (3 months ago)
|
CVE-2025-0282 |
Description: As we saw in our previous blogpost, we fully analyzed Ivanti’s most recent unauthenticated Remote Code Execution vulnerability in their Connect Secure (VPN) appliance. Specifically, we analyzed CVE-2025-0282. Today, we’re going to walk through exploitation. Once again, however, stopping short of providing the world with a
CVSS: CRITICAL (9.0) EPSS Score: 15.33%
January 12th, 2025 (3 months ago)
|
CVE-2025-0103 |
Description: An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system.
CVSS: CRITICAL (9.2) EPSS Score: 0.04%
January 12th, 2025 (3 months ago)
|
CVE-2024-12877 |
Description: The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.2 via deserialization of untrusted input from the donation form like 'firstName'. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files on the server that makes remote code execution possible. Please note this was only partially patched in 3.19.3, a fully sufficient patch was not released until 3.19.4. However, another CVE was assigned by another CNA for version 3.19.3 so we will leave this as affecting 3.19.2 and before. We have recommended the vendor use JSON encoding to prevent any further deserialization vulnerabilities from being present.
CVSS: CRITICAL (9.8) EPSS Score: 0.07%
January 12th, 2025 (3 months ago)
|
CVE-2025-23016 |
Description: FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
January 11th, 2025 (3 months ago)
|