Threat and Vulnerability Intelligence Database

CVE-2025-0148

Description: Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent network access.

CVSS: LOW (2.6)

EPSS Score: 0.04%

Source: CVE
February 4th, 2025 (3 months ago)

CVE-2024-53296

Description: Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

CVSS: LOW (2.7)

EPSS Score: 0.04%

Source: CVE
February 2nd, 2025 (3 months ago)

CVE-2025-24336

Description: SXF Common Library handles input data improperly. If a product using the library reads a crafted file, the product may crash.

CVSS: LOW (3.3)

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (3 months ago)

CVE-2025-0146

Description: Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access.

CVSS: LOW (3.9)

EPSS Score: 0.04%

Source: CVE
January 31st, 2025 (3 months ago)

CVE-2025-0144

Description: Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.

CVSS: LOW (3.1)

EPSS Score: 0.04%

Source: CVE
January 31st, 2025 (3 months ago)

CVE-2024-54462

Description: The file names constructed within image_picker are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select an image file from that provider while using your app and could potentially override internal files in your app cache. Issue patched in 0.8.12+18. It is recommended to update to the latest version of image_picker_android that contains the changes to address this vulnerability.

CVSS: LOW (2.1)

EPSS Score: 0.04%

Source: CVE
January 30th, 2025 (3 months ago)

CVE-2024-54461

Description: The file names constructed within file_selector are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select a document file from that provider while using your app and could potentially override internal files in your app cache. Issue patched in 0.5.1+12. It is recommended to update to the latest version of file_selector_android that contains the changes to address this vulnerability.

CVSS: LOW (2.1)

EPSS Score: 0.04%

Source: CVE
January 30th, 2025 (3 months ago)

CVE-2024-0149

Description: NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.

CVSS: LOW (3.3)

EPSS Score: 0.04%

Source: CVE
January 29th, 2025 (3 months ago)

CVE-2025-24369

Description: Anubis is a tool that allows administrators to protect bots against AI scrapers through bot-checking heuristics and a proof-of-work challenge to discourage scraping from multiple IP addresses. Anubis allows attackers to bypass the bot protection by requesting a challenge, formulating any nonce (such as 42069), and then passing the challenge with difficulty zero. Commit e09d0226a628f04b1d80fd83bee777894a45cd02 fixes this behavior by not using a client-specified difficulty value.

CVSS: LOW (2.3)

EPSS Score: 0.05%

Source: CVE
January 28th, 2025 (3 months ago)

CVE-2025-21312

Description: Windows Smart Card Reader Information Disclosure Vulnerability

CVSS: LOW (2.4)

EPSS Score: 0.05%

Source: CVE
January 28th, 2025 (3 months ago)