Description: Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025.
The phishing campaigns adopting the strategy have been attributed to clusters tracked as TA427 (aka Kimsuky), TA450 (aka MuddyWater,
April 17th, 2025 (3 days ago)
|
Description: Legends International has begun notifying individuals that their personal data was exposed in a cybersecurity breach first detected in November 2024. The incident may affect those who visited or worked at venues managed by the sports and entertainment services firm. Legends International, LLC, headquartered in New York, is a global premium experiences company that provides …
The post Legends International Discloses Data Breach Impacting Guests and Employees appeared first on CyberInsider.
April 17th, 2025 (3 days ago)
|
Description: On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks. [...]
April 17th, 2025 (3 days ago)
|
Description:
Web App Scanning Plugin ID 114772 with Medium Severity
Synopsis
Vite < 4.5.10 / 5.0.x < 5.4.15 / 6.0.x < 6.0.12 / 6.1.x < 6.1.2 / 6.2.x < 6.2.3 Arbitrary File Read
Description
Vite versions prior to 4.5.10, 5.0.x prior to 5.4.15, 6.0.x prior to 6.0.12, 6.1.x prior to 6.1.2 or 6.2.x prior to 6.2.3 are affected by a vulnerability that allows unauthenticated remote attackers to read arbitrary files on the affected host when the app exposes the Vite dev server to the network.
Solution
Upgrade to Vite 4.5.10, 5.4.15, 6.0.12, 6.1.2, 6.2.3 or later.
Read more at https://www.tenable.com/plugins/was/114772
April 17th, 2025 (3 days ago)
|
CVE-2025-25226 |
Description:
Web App Scanning Plugin ID 114773 with Critical Severity
Synopsis
Joomla! 5.x < 5.2.6 Multiple Vulnerabilities
Description
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.x prior to 4.4.13 or 5.x prior to 5.2.6. It is, therefore, affected by multiple vulnerabilities. - Improper handling of identifiers leads to a SQL injection vulnerability in the quoteNameStr method of the database package. (CVE-2025-25226) - Insufficient state checks lead to a vector that allows bypassing 2FA checks. (CVE-2025-25227) Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update to Joomla! version 5.2.6 or later.
Read more at https://www.tenable.com/plugins/was/114773
EPSS Score: 0.04%
April 17th, 2025 (3 days ago)
|
CVE-2025-25226 |
Description:
Web App Scanning Plugin ID 114774 with Critical Severity
Synopsis
Joomla! 4.x < 4.4.13 Multiple Vulnerabilities
Description
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.x prior to 4.4.13 or 5.x prior to 5.2.6. It is, therefore, affected by multiple vulnerabilities. - Improper handling of identifiers leads to a SQL injection vulnerability in the quoteNameStr method of the database package. (CVE-2025-25226) - Insufficient state checks lead to a vector that allows bypassing 2FA checks. (CVE-2025-25227) Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update to Joomla! version 4.4.13 or later.
Read more at https://www.tenable.com/plugins/was/114774
EPSS Score: 0.04%
April 17th, 2025 (3 days ago)
|
Description:
Web App Scanning Plugin ID 114777 with Critical Severity
Synopsis
FortiOS 7.0.x < 7.0.16 Authentication Bypass
Description
FortiOS versions 7.0.x prior to 7.0.16 and FortiProxy versions 7.0.x prior to 7.0.19 or 7.2.x prior to 7.2.12 are affected by a vulnerability that allows a remote attacker to gain super-admin privileges via specially crafted requests.
Solution
Upgrade to FortiOS 7.0.16 or later.
Read more at https://www.tenable.com/plugins/was/114777
April 17th, 2025 (3 days ago)
|
Description:
Web App Scanning Plugin ID 114778 with Medium Severity
Synopsis
Vite < 4.5.13 / 5.0.x < 5.4.18 / 6.0.x < 6.0.15 / 6.1.x < 6.1.5 / 6.2.x < 6.2.6 Arbitrary File Read
Description
Vite versions prior to 4.5.13, 5.0.x prior to 5.4.18, 6.0.x prior to 6.0.15, 6.1.x prior to 6.1.5 or 6.2.x prior to 6.2.6 are affected by a vulnerability that allows unauthenticated remote attackers to read arbitrary files on the affected host when the app exposes the Vite dev server to the network.
Solution
Upgrade to Vite 4.5.13, 5.4.18, 6.0.15, 6.1.5, 6.2.6 or later.
Read more at https://www.tenable.com/plugins/was/114778
April 17th, 2025 (3 days ago)
|
CVE-2019-1348 |
Description:
Nessus Plugin ID 234508 with Critical Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of git installed on the remote host is prior to 2.23.1-0. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2818 advisory. A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary files, but would not have complete control on the content of the file. (CVE-2019-1348) An improper input validation flaw was discovered in git in the way it handles git submodules. A remote attacker could abuse this flaw to trick a victim user into recursively cloning a malicious repository, which, under certain circumstances, could fool git into using the same git directory twice and potentially cause remote code execution. (CVE-2019-1349) A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. (CVE-2019-1350) A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git f...
April 17th, 2025 (3 days ago)
|
CVE-2024-11403 |
Description:
Nessus Plugin ID 234510 with Medium Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of thunderbird installed on the remote host is prior to 128.8.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2830 advisory. There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame on untrusted input) does not properly check bounds in the presence of incomplete codes. This could lead to an out-of-bounds write. In jpegli which is released as part of the same project, the same vulnerability is present. However, the relevant buffer is part of a bigger structure, and the code makes no assumptions on the values that could be overwritten. The issue could however cause jpegli to read uninitialised memory, or addresses of functions. (CVE-2024-11403) An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. (CVE-2024-50602) oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. (CVE-2024-56431) Tenable has extracted the preceding description block directly from the tested product security advisory. No...
April 17th, 2025 (3 days ago)
|