Threat and Vulnerability Intelligence Database

CVE-2024-48766

🚨 Marked as known exploited on May 13th, 2025 (22 days ago).
Description: NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php.

CVSS: HIGH (8.6)

EPSS Score: 71.92%

Source: CVE
May 13th, 2025 (22 days ago)

CVE-2024-7399

🚨 Marked as known exploited on May 6th, 2025 (29 days ago).
Description: Security researchers have confirmed active exploitation of a critical vulnerability in Samsung’s MagicINFO 9 Server (CVE-2024-7399), with recent attacks linking the flaw to Mirai botnet deployment. The vulnerability enables unauthenticated attackers to upload arbitrary files and achieve remote code execution, posing a serious risk to digital signage systems managed by the software. Arctic Wolf was …

CVSS: HIGH (8.8)

EPSS Score: 60.46%

Source: CyberInsider
May 6th, 2025 (29 days ago)

CVE-2025-27363

🚨 Marked as known exploited on May 6th, 2025 (29 days ago).
Description: Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in question is CVE-2025-27363 (CVSS score: 8.1), a high-severity flaw in the System component that could lead to local code execution without requiring any additional execution privileges. "The most severe of

CVSS: HIGH (8.1)

Source: TheHackerNews
May 6th, 2025 (29 days ago)

CVE-2025-27363

🚨 Marked as known exploited on May 5th, 2025 (30 days ago).
Description: Google’s Android security update for May 2025 patches a zero-day vulnerability in the FreeType font library that is currently being exploited in the wild, alongside dozens of high-severity flaws across the system, framework, and various hardware components. The zero-day, tracked as CVE-2025-27363, resides in the System component and stems from a memory handling bug in …

CVSS: HIGH (8.1)

Source: CyberInsider
May 5th, 2025 (30 days ago)

CVE-2025-1976

🚨 Marked as known exploited on April 29th, 2025 (about 1 month ago).
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two high-severity security flaws impacting Broadcom Brocade Fabric OS and Commvault Web Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2025-1976 (CVSS score: 8.6) - A code injection flaw

CVSS: HIGH (8.6)

EPSS Score: 1.79%

Source: TheHackerNews
April 29th, 2025 (about 1 month ago)

CVE-2025-1976

🚨 Marked as known exploited on April 28th, 2025 (about 1 month ago).
Description: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2025-1976 Broadcom Brocade Fabric OS Code Injection Vulnerability
- CVE-2025-42599 Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability
- CVE-2025-3928 Commvault Web Server Unspecified Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CVSS: HIGH (8.6)

EPSS Score: 1.79%

Source: All CISA Advisories
April 28th, 2025 (about 1 month ago)

CVE-2025-3928

🚨 Marked as known exploited on April 28th, 2025 (about 1 month ago).
Description: Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in versions 11.36.46, 11.32.89, 11.28.141, and 11.20.217 for Windows and Linux platforms.

CVSS: HIGH (8.8)

EPSS Score: 15.08%

Source: CVE
April 25th, 2025 (about 1 month ago)

CVE-2025-1976

🚨 Marked as known exploited on April 28th, 2025 (about 1 month ago).
Description: Brocade Fabric OS versions starting with 9.1.0 have root access removed; however, a local user with admin privileges can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.

CVSS: HIGH (8.6)

EPSS Score: 1.79%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2024-4741

🚨 Marked as known exploited on April 19th, 2025 (about 2 months ago).
Description: Nessus Plugin ID 234630 with High Severity
Synopsis: The remote Azure Linux host is missing one or more security updates.
Description: The version of edk2 / hvloader / openssl installed on the remote Azure Linux 3.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4741 advisory.
- Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations.
Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, only applications that directly call the SSL_free_buffers function are affected by this issue. Applications that do not call this function are not vulnerable. Our investigations indicate that this function is rarely used by applications. The SSL_free_buffers function is used to free the internal OpenSSL buffer used when processing an incoming record from the network. The call is only expected to succeed if the buffer is not currently in use. However, two scenarios have been identified where the buffer is freed even when still in use. The first scenario occurs where a record header has been received from the network and processed by OpenSSL, but the full record body has not yet arrived. In this case calling SSL_free_buffers will succeed even though a record has only been...

CVSS: HIGH (7.5)

Source: Tenable Plugins
April 19th, 2025 (about 2 months ago)

CVE-2025-27363

🚨 Marked as known exploited on April 17th, 2025 (about 2 months ago).
Description: Nessus Plugin ID 234514 with High Severity
Synopsis: The remote Amazon Linux 2023 host is missing a security update.
Description: It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-925 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild. (CVE-2025-27363)
Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution: Run 'dnf update freetype --releasever 2023.7.20250331' to update your system.
Read more at https://www.tenable.com/plugins/nessus/234514

CVSS: HIGH (8.1)

Source: Tenable Plugins
April 17th, 2025 (about 2 months ago)