CVE-2025-2783
🚨 Marked as known exploited on March 26th, 2025 (24 days ago).
Description: Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
CVSS: HIGH (8.3) EPSS Score: 1.63% SSVC Exploitation: none
March 26th, 2025 (24 days ago)
CVE-2025-30154
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-30154 reviewdog action-setup GitHub Action Embedded Malicious Code Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CVSS: HIGH (8.6) EPSS Score: 42.39%
March 24th, 2025 (25 days ago)
CVE-2025-30349
🚨 Marked as known exploited on March 21st, 2025 (29 days ago).
Description: Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025.
CVSS: HIGH (7.2) EPSS Score: 2.46% SSVC Exploitation: none
March 21st, 2025 (29 days ago)
CVE-2025-30154
🚨 Marked as known exploited on March 24th, 2025 (26 days ago).
Description: reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised on March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to GitHub Actions workflow logs. Other reviewdog actions that use `reviewdog/action-setup@v1`, and that would therefore also be compromised regardless of version or pinning method, are reviewdog/action-shellcheck, reviewdog/action-composite-template, reviewdog/action-staticcheck, reviewdog/action-ast-grep, and reviewdog/action-typos.
CVSS: HIGH (8.6) EPSS Score: 42.39%
March 19th, 2025 (about 1 month ago)
CVE-2025-30066
🚨 Marked as known exploited on March 18th, 2025 (about 1 month ago).
Description: tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were not originally affected, but were modified by a threat actor to point at commit 0e58ed8, which contains the malicious updateFeatures code.)
CVSS: HIGH (8.6) EPSS Score: 63.87%
March 15th, 2025 (about 1 month ago)
CVE-2025-26633
🚨 Marked as known exploited on March 31st, 2025 (19 days ago).
Description: Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
CVSS: HIGH (7.0) EPSS Score: 1.47% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
CVE-2025-24993
🚨 Marked as known exploited on March 11th, 2025 (about 1 month ago).
Description: Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 4.05% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
CVE-2025-24985
🚨 Marked as known exploited on March 11th, 2025 (about 1 month ago).
Description: Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 9.81% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
CVE-2025-24983
🚨 Marked as known exploited on March 11th, 2025 (about 1 month ago).
Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.0) EPSS Score: 1.91% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
CVE-2025-27363
🚨 Marked as known exploited on April 17th, 2025 (2 days ago).
Description: An out-of-bounds write exists in FreeType versions 2.13.0 and below when parsing font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value, causing it to wrap around and allocate too small a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
CVSS: HIGH (8.1) EPSS Score: 5.37% SSVC Exploitation: none
March 11th, 2025 (about 1 month ago)