CVE-2024-2978 |
Description: A vulnerability classified as critical has been found in Tenda F1203 2.0.1.6. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258147. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. A vulnerability has been discovered in Tenda F1203 2.0.1.6. It has been classified as critical. It concerns the function formSetCfm of the file /goform/setcfm. Manipulating the argument funcpara1 with unknown data can exploit a stack-based buffer overflow vulnerability. The attack can be carried out over the network. The exploit is publicly available.
CVSS: HIGH (8.8) EPSS Score: 0.89% SSVC Exploitation: poc
April 10th, 2025 (11 days ago)
|
CVE-2024-2899 |
Description: A vulnerability, which was classified as critical, has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257942 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. A critical vulnerability has been discovered in Tenda AC7 15.03.06.44. This affects the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. Manipulating the argument wpapsk_crypto with unknown data can exploit a stack-based buffer overflow vulnerability. The attack can be carried out over the network. The exploit is publicly available.
CVSS: HIGH (8.8) EPSS Score: 1.17% SSVC Exploitation: poc
April 10th, 2025 (11 days ago)
|
CVE-2024-28860 |
Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key recovery, replay attacks by a man-in-the-middle attacker. These attacks are possible due to an ESP sequence number collision when multiple nodes are configured with the same key. Fixed versions of Cilium use unique keys for each IPsec tunnel established between nodes, resolving all of the above attacks. This vulnerability is fixed in 1.13.13, 1.14.9, and 1.15.3.
CVSS: HIGH (8.0) EPSS Score: 0.02% SSVC Exploitation: none
April 10th, 2025 (11 days ago)
|
CVE-2024-28107 |
Description: phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. A SQL injection vulnerability has been discovered in the `insertentry` & `saveentry` when modifying records due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to exploit this vulnerability to exfiltrate data, take over accounts and in some cases, even achieve RCE. This vulnerability is fixed in 3.2.6.
CVSS: HIGH (8.8) EPSS Score: 0.83% SSVC Exploitation: none
April 10th, 2025 (11 days ago)
|
CVE-2022-21658 |
🚨 Marked as known exploited on April 10th, 2025 (11 days ago).
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
CVSS v4 9.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIDIS Prime
Vulnerabilities: Race Condition Enabling Link Following, Improper Validation of Integrity Check Value, Unchecked Input for Loop Condition, Expected Behavior Violation, Incorrect Provision of Specified Functionality, Heap-based Buffer Overflow, Cleartext Transmission of Sensitive Information, Use After Free, NULL Pointer Dereference, Exposure of Sensitive Information to an Unauthorized Actor, Out-of-bounds Write, Improper Input Validation, Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute unauthorized deletions, cause denial of service, corrupt application state, leak sensitive information, or potentially execute remote code.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
SIDIS Prime: All versions before V4.0.700
3.2 VULNERABILITY OVERVIEW
3.2.1 RACE CONDITION ENABLING LINK FOLLOWING CWE-363
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety,...
CVSS: HIGH (7.3)
April 10th, 2025 (11 days ago)
|
CVE-2024-54091 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
CVSS v4 7.3
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: Solid Edge SE2024, Solid Edge SE2025
Vulnerability: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to execute code.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
Siemens Solid Edge SE2024: All versions prior to V224.0 Update 12
Siemens Solid Edge SE2025: All versions prior to V225.0 Update 3
3.2 VULNERABILITY OVERVIEW
3.2.1 OUT-OF-BOUNDS WRITE CWE-787
The affected application contains an out of bounds write past the end of an allocated buffer while parsing X_T data or a specially crafted file in X_T format. This could allow an attacker to execute code in the context of the current process.
CVE-2024-54091 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-54091. A base score of 7.3 has been calculated; the CVSS vector string is (CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N...
CVSS: HIGH (7.8)
April 10th, 2025 (11 days ago)
|
CVE-2024-6387 |
Description:
1. EXECUTIVE SUMMARY
CVSS v4 9.2
ATTENTION: Exploitable remotely/low attack complexity
Vendor: ABB
Equipment: Arctic Wireless Gateways
Vulnerabilities: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Improper Privilege Management, Exposure of Sensitive Information to an Unauthorized Actor, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could run arbitrary code in the product with privileged user permissions or could lead to a denial of service or tampering with unencrypted traffic.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
ABB reports there are vulnerabilities in the Telit PLS62-W wireless modem module used in the following products:
Arctic ARP600, ARC600, ARR600: Firmware versions 3.4.10, 3.4.11, 3.4.12, 3.4.13 (CVE-2024-6387)
Arctic Wireless Gateways ARG600, ARC600, ARR600: All versions with Telit PLS62-W wireless modem module (CVE-2023-47610, CVE-2023-47611, CVE-2023-47612, CVE-2023-47613, CVE-2023-47614, CVE-2023-47615, CVE-2023-47616)
3.2 VULNERABILITY OVERVIEW
3.2.1 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT ('CLASSIC BUFFER OVERFLOW') CWE-120
A buffer overflow vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted short message service (SMS) message.
CVE-2...
CVSS: HIGH (8.1)
April 10th, 2025 (11 days ago)
|
CVE-2025-2285 |
Description:
1. EXECUTIVE SUMMARY
CVSS v4 8.5
ATTENTION: Low attack complexity
Vendor: Rockwell Automation
Equipment: Arena
Vulnerabilities: Use of Uninitialized Variable, Out-of-bounds Write, Out-of-bounds Read, Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could disclose information to an attacker or allow execution of arbitrary code on the system.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Rockwell Automation reports the following versions of Arena simulation software are affected:
Arena: Versions 16.20.08 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 Use of Uninitialized Variable CWE-457
A local code execution vulnerability exists in Rockwell Automation Arena due to an uninitialized pointer. The flaw is a result of improper validation of user-supplied data. If exploited, a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability, a legitimate user must open a malicious DOE file.
CVE-2025-2285 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-2285. A base score of 8.5 has been calculated; the CVSS vector string is (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.2.2 Use of Uninitialized Variable CWE-457
A local code execution vulnerability exists in Rockwell Automation Arena due to an uni...
CVSS: HIGH (8.5) EPSS Score: 0.02%
April 10th, 2025 (11 days ago)
|
CVE-2025-1097 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: Insights Hub Private Cloud
Vulnerabilities: Improper Input Validation, Improper Isolation or Compartmentalization
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to perform arbitrary code execution, disclose information, or lead to a denial-of-service condition.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
Siemens Insights Hub Private Cloud: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER INPUT VALIDATION CWE-20
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
CVE-2025-1097 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; t...
CVSS: HIGH (8.8) EPSS Score: 4.82%
April 10th, 2025 (11 days ago)
|
CVE-2025-27813 |
Description: MSI Center before 2.0.52.0 has Missing PE Signature Validation.
CVSS: HIGH (8.1) EPSS Score: 0.01%
April 10th, 2025 (11 days ago)
|