Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-30154 |
🚨 Marked as known exploited on April 10th, 2025 (about 2 months ago).
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-30154 reviewdog action-setup GitHub Action Embedded Malicious Code Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CVSS: HIGH (8.6) EPSS Score: 42.39%
March 24th, 2025 (2 months ago)
|
|
CVE-2025-30349 |
🚨 Marked as known exploited on March 21st, 2025 (3 months ago).
Description: Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025.
CVSS: HIGH (7.2) EPSS Score: 2.46% SSVC Exploitation: none
March 21st, 2025 (3 months ago)
|
|
CVE-2025-30154 |
🚨 Marked as known exploited on March 24th, 2025 (2 months ago).
Description: reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use `reviewdog/action-setup@v1` that would also be compromised, regardless of version or pinning method, are reviewdog/action-shellcheck, reviewdog/action-composite-template, reviewdog/action-staticcheck, reviewdog/action-ast-grep, and reviewdog/action-typos.
CVSS: HIGH (8.6) EPSS Score: 42.39%
March 19th, 2025 (3 months ago)
|
|
CVE-2025-30066 |
🚨 Marked as known exploited on March 18th, 2025 (3 months ago).
Description: tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were not originally affected, but were modified by a threat actor to point at commit 0e58ed8, which contains the malicious updateFeatures code.)
CVSS: HIGH (8.6) EPSS Score: 63.87%
March 15th, 2025 (3 months ago)
|
|
CVE-2025-26633 |
🚨 Marked as known exploited on March 31st, 2025 (2 months ago).
Description: Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
CVSS: HIGH (7.0) EPSS Score: 1.47% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24993 |
🚨 Marked as known exploited on March 11th, 2025 (3 months ago).
Description: Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 4.05% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24985 |
🚨 Marked as known exploited on March 11th, 2025 (3 months ago).
Description: Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 9.81% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-24983 |
🚨 Marked as known exploited on March 11th, 2025 (3 months ago).
Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.0) EPSS Score: 1.91% SSVC Exploitation: active
March 11th, 2025 (3 months ago)
|
|
CVE-2025-27363 |
🚨 Marked as known exploited on April 17th, 2025 (about 2 months ago).
Description: An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
CVSS: HIGH (8.1) EPSS Score: 5.37% SSVC Exploitation: none
March 11th, 2025 (3 months ago)
|
|
CVE-2021-30661 |
🚨 Marked as known exploited on April 10th, 2025 (about 2 months ago).
Description:
Nessus Plugin ID 223935 with High Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/223935
CVSS: HIGH (8.8)
March 5th, 2025 (3 months ago)
|