Threat and Vulnerability Intelligence Database

Description: Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-2783
https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
https://issues.chromium.org/issues/405143032
https://github.com/cefsharp/CefSharp/security/advisories/GHSA-f87w-3j5w-v58p
https://github.com/cefsharp/CefSharp/releases/tag/v134.3.90
https://github.com/advisories/GHSA-f87w-3j5w-v58p

CVSS: HIGH (8.3)

EPSS Score: 1.63%

Source: GitHub Advisory Database (NuGet)
April 12th, 2025 (9 days ago)

CVE-2025-29834

Description: Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVSS: HIGH (7.5)

EPSS Score: 0.06%

Source: CVE
April 12th, 2025 (9 days ago)

CVE-2025-29803

Description: Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.3)

EPSS Score: 0.06%

Source: CVE
April 12th, 2025 (9 days ago)

CVE-2024-0397

Description: A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.

CVSS: HIGH (7.4)

EPSS Score: 0.39%

SSVC Exploitation: none

Source: CVE
April 11th, 2025 (9 days ago)

CVE-2025-32367

Description: The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via /statistic/list Insecure Direct Object Reference. NOTE: the number 4.0.8 was used for both the unpatched and patched versions.

CVSS: HIGH (8.6)

EPSS Score: 0.04%

Source: CVE
April 11th, 2025 (9 days ago)

CVE-2024-13861

Description: A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local users arbitrary code execution as root. Red Hat-based systems using RPM packages are not affected.

CVSS: HIGH (7.8)

EPSS Score: 0.01%

Source: CVE
April 11th, 2025 (10 days ago)

CVE-2024-52280

Description: An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE Rancher allows users to watch resources they are not allowed to access when they have at least some generic permissions on the type. This issue affects rancher: before 2175e09, before 6e30359, before c744f0b.

CVSS: HIGH (7.7)

EPSS Score: 0.02%

Source: CVE
April 11th, 2025 (10 days ago)