Description: Broadcom warned customers today about three VMware zero-days, tagged as exploited in attacks and reported by the Microsoft Threat Intelligence Center. [...]
March 4th, 2025 (3 months ago)
|
CVE-2012-0217 |
Description:
Nessus Plugin ID 217599 with High Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.
- The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier. (CVE-2012-0217)
Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/217599
March 4th, 2025 (3 months ago)
|
Description: A complex campaign allows cyberattackers to take over Windows systems by combining a ClickFix-style attack and sophisticated obfuscation that abuses legitimate Microsoft services.
March 3rd, 2025 (3 months ago)
|
Description: Microsoft is investigating a new Microsoft 365 outage that is affecting Teams customers and causing call failures. [...]
March 3rd, 2025 (3 months ago)
|
Description: A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havoc post-exploitation framework for remote access to compromised devices. [...]
March 3rd, 2025 (3 months ago)
|
Description: Microsoft says a coding issue is behind a now-resolved Microsoft 365 outage over the weekend that affected Outlook and Exchange Online authentication. [...]
March 3rd, 2025 (3 months ago)
|
CVE-2025-0289 |
Description: Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code.
The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC).
"These include arbitrary kernel memory mapping and
EPSS Score: 0.05%
March 3rd, 2025 (3 months ago)
|
Description: Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc.
"The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within trusted, well-known
March 3rd, 2025 (3 months ago)
|
Description: Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in zero-day attacks to gain SYSTEM privileges in Windows. [...]
March 1st, 2025 (3 months ago)
|