Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-22654
tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.
Description: tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
May 29th, 2025 (11 days ago)

CVE-2025-48045
MICI Network Co. Ltd. NetFax Server Default Administrator Credentials Disclosure
Description: An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials.

CVSS: HIGH (8.7)

EPSS Score: 0.06%

Source: CVE
May 29th, 2025 (11 days ago)
DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints
Description: The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It's believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that were

CVSS: HIGH (7.5)

Source: TheHackerNews
May 29th, 2025 (11 days ago)

CVE-2025-48388
FreeScout Has Insufficient Protection Against CRLF-injection
Description: FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, the application performs insufficient validation of user-supplied data, which is used as arguments to string formatting functions. As a result, an attacker can pass a string containing special symbols (\r, \n, \t)to the application. This issue has been patched in version 1.8.178.

CVSS: HIGH (7.0)

EPSS Score: 0.06%

Source: CVE
May 29th, 2025 (11 days ago)

CVE-2025-4687
Account pre-hijacking through invite misuse
Description: In Teltonika Networks Remote Management System (RMS), it is possible to perform account pre-hijacking by misusing the invite functionality. If a victim has a pending invite and registers to the platform directly, they are added to the attackers company without their knowledge. The victims account and their company can then be managed by the attacker.This issue affects RMS: before 5.7.

CVSS: HIGH (7.2)

EPSS Score: 0.04%

Source: CVE
May 29th, 2025 (11 days ago)

CVE-2025-5276
All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An...
Description: All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to issue requests and read the responses to attacker-controlled URLs, potentially leaking sensitive information.

CVSS: HIGH (7.4)

EPSS Score: 0.03%

Source: CVE
May 29th, 2025 (11 days ago)

CVE-2025-5215
D-Link DCS-5020L ptdc.cgi websReadEvent stack-based overflow
Description: A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. This affects the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the argument Authorization leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Es wurde eine Schwachstelle in D-Link DCS-5020L 1.01_B2 entdeckt. Sie wurde als kritisch eingestuft. Hiervon betroffen ist die Funktion websReadEvent der Datei /rame/ptdc.cgi. Dank Manipulation des Arguments Authorization mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.

CVSS: HIGH (8.8)

EPSS Score: 0.07%

SSVC Exploitation: poc

Source: CVE
May 28th, 2025 (11 days ago)
[next] Information exposure in Next.js dev server due to lack of origin verification
Description: Summary This vulnerability is similar to CVE-2018-14732. When running a Next.js server locally (e.g. through npm run dev), the WebSocket server is vulnerable to the Cross-site WebSocket hijacking (CSWSH) attack. and a bad actor can access the source code of client components, if a user was to visit a malicious link while having the Next.js dev server running. Impact If a user is running a Next.js server locally (e.g. npm run dev), and they were to browse to a malicious website, the malicious website may be able to access the source code of the Next.js app. This vulnerability only affects applications making use of App Router. Note: App Router was experimental requiring experimental.appDir = true in versions >=13.0.0 to <13.4. References https://github.com/vercel/next.js/security/advisories/GHSA-3h52-269p-cp9r https://github.com/advisories/GHSA-3h52-269p-cp9r

CVSS: HIGH (7.5)

Source: Github Advisory Database (NPM)
May 28th, 2025 (11 days ago)
[multicast] multicast in source builds from vulnerable setuptools dependency
Description: Impact Some source-builds may be impacted by a CWE-1395 (eg. vulnerable setuptools dependency). Multicast prior to v2.0.9a3 on systems with minimal dependancies installed may use setuptools <78.1.1 and thus rely on a compromised dependency. In some cases there is a chance that source-builds would fail due to an exploit of the closely related CVE-2025-47273, or become arbitrarily modified. Patches Pre-release version v2.0.9a0 and later resolve the issue by bumping requirements to setuptools>=80.4 Pre-release version v2.0.9a3 and later are recommended for improved stability over v2.0.9a0 Workarounds Further hardening in v2.0.9a4+ of the build process in CI builds allowing source builds to be verified via GH attestations. References GHSA-5rjg-fvgr-3xxf pypa/setuptools#4946 Fixes https://github.com/reactive-firewall/multicast/blob/c5c7c7de272421d944beca8452871bca6bfd151f/tests/requirements.txt#L32 https://github.com/reactive-firewall/multicast/blob/c5c7c7de272421d944beca8452871bca6bfd151f/docs/requirements.txt#L27 https://github.com/reactive-firewall/multicast/blob/c5c7c7de272421d944beca8452871bca6bfd151f/requirements.txt#L26 https://github.com/reactive-firewall/multicast/blob/c5c7c7de272421d944beca8452871bca6bfd151f/pyproject.toml#L2 References https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://github.com/reactive-firewall/multicast/security/advisories/GHSA-94v7-wxj6-r2q5 https://github.com/pypa/setuptools/issues/4946 https://git...

CVSS: HIGH (7.7)

EPSS Score: 0.43%

Source: Github Advisory Database (PIP)
May 28th, 2025 (11 days ago)

CVE-2025-27703
Privilege escalation in the management console of Absolute Secure Access prior to version 13.54
Description: CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to a specific subset of privileged features in the console can elevate their permissions to access additional features in the console. The attack complexity is low, there are no preexisting attack requirements; the privileges required are high, and there is no user interaction required. The impact to system confidentiality is low, the impact to system integrity is high and the impact to system availability is low.

CVSS: HIGH (7.0)

EPSS Score: 0.03%

Source: CVE
May 28th, 2025 (11 days ago)