Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-22592 |
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update
Description: FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update
EPSS Score: 0.06% SSVC Exploitation: poc
June 2nd, 2025 (6 days ago)
|
|
CVE-2024-22563 |
Description: openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.
EPSS Score: 0.08% SSVC Exploitation: poc
June 2nd, 2025 (6 days ago)
|
|
CVE-2024-0567 |
Description: A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
EPSS Score: 1.09% SSVC Exploitation: poc
June 2nd, 2025 (6 days ago)
|
|
CVE-2024-0238 |
Description: The EventON Premium WordPress plugin before 4.5.6, EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post metadata.
EPSS Score: 0.73% SSVC Exploitation: none
June 2nd, 2025 (6 days ago)
|
|
CVE-2024-0237 |
Description: The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc
EPSS Score: 0.29% SSVC Exploitation: none
June 2nd, 2025 (6 days ago)
|
|
Description: Alleged data breach of Oxygen – 134GB of Financial and Identity Documents Leaked
June 2nd, 2025 (6 days ago)
|
|
Description: Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies.
Cloud security firm Wiz, which is tracking the activity under the name JINX-0132, said the attackers are exploiting a wide range of known misconfigurations and
June 2nd, 2025 (6 days ago)
|
|
Description: [AI generated] Jardin De Ville is a luxury outdoor furniture company based in Canada. Established in 1956, it offers a wide array of high-quality outdoor lounge and dining furniture. Renowned for their designs, it provides a vast collection of products such as umbrellas, lighting, sofas, and tables. Jardin De Ville collaborates with various prominent designer brands to maintain its luxurious and stylish offerings.
June 2nd, 2025 (6 days ago)
|
|
Description: The unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fire suppression and safety are paramount, according to a CISA advisory.
June 2nd, 2025 (6 days ago)
|
|
|
Description: The country will require certain organizations to report ransomware payments and communications within 72 hours after they're made or face potential civil penalties.
June 2nd, 2025 (6 days ago)
|