CVE-2025-5593 |
Description: A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component HOST Command Handler. The manipulation leads to a buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS: MEDIUM (6.9) EPSS Score: 0.04% SSVC Exploitation: poc
June 4th, 2025 (4 days ago)
|
CVE-2025-20273 |
Description:
A vulnerability in the web-based management interface of Cisco Unified Intelligent Contact Management Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Cisco plans to release software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-icm-xss-cfcqhXAg
Security Impact Rating: Medium
CVE: CVE-2025-20273
CVSS: MEDIUM (6.1) EPSS Score: 0.02%
June 4th, 2025 (4 days ago)
|
CVE-2025-23101 |
Description: An issue was discovered in Samsung Mobile Processor Exynos 1380. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
June 4th, 2025 (4 days ago)
|
CVE-2025-23095 |
Description: An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
June 4th, 2025 (4 days ago)
|
CVE-2025-5592 |
Description: A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component PASSIVE Command Handler. The manipulation leads to a buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS: MEDIUM (6.9) EPSS Score: 0.04%
June 4th, 2025 (4 days ago)
|
CVE-2025-48962 |
Description: Sensitive information disclosure due to SSRF. The following products are affected: Acronis Cyber Protect 16 (Windows, Linux) before build 39938.
CVSS: MEDIUM (4.3) EPSS Score: 0.03% SSVC Exploitation: none
June 4th, 2025 (4 days ago)
|
CVE-2025-48960 |
Description: Weak server key used for TLS encryption. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938.
CVSS: MEDIUM (5.9) EPSS Score: 0.01% SSVC Exploitation: none
June 4th, 2025 (4 days ago)
|
CVE-2025-48959 |
Description: Local privilege escalation due to insecure file permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40077.
CVSS: MEDIUM (6.7) EPSS Score: 0.01%
June 4th, 2025 (4 days ago)
|
CVE-2025-5584 |
Description: A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been classified as problematic. Affected is an unknown function of the file /doctor/edit-patient.php?editid=2 of the component POST Parameter Handler. The manipulation of the argument patname leads to cross-site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS: MEDIUM (4.8) EPSS Score: 0.03%
June 4th, 2025 (4 days ago)
|
CVE-2025-5583 |
Description: A vulnerability classified as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /register.php. The manipulation leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS: MEDIUM (6.9) EPSS Score: 0.03%
June 4th, 2025 (4 days ago)
|