Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
[org.apache.tomcat:tomcat-catalina] Apache Tomcat - CGI security constraint bypass
Description: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104. Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue. References https://nvd.nist.gov/vuln/detail/CVE-2025-46701 https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j https://github.com/apache/tomcat/commit/0f01966eb60015d975525019e12a087f05ebf01a https://github.com/apache/tomcat/commit/238d2aa54b99f91d1111467e2237d2244c64e558 https://github.com/apache/tomcat/commit/2c6800111e7d8d8d5403c07978ea9bff3db5a5a5 https://github.com/apache/tomcat/commit/8cb95ff03221067c511b3fa66d4f745bc4b0a605 https://github.com/apache/tomcat/commit/8df00018a252baa9497615d6420fb6c10466fa74 https://github.com/apache/tomcat/commit/fab7247d2f0e3a29d5daef565f829f383e10e5e2 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.41 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.7 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.105 https://github.com/advisories/GHSA-h2fw-rfh5-95r3

EPSS Score: 0.02%

Source: Github Advisory Database (Maven)
May 29th, 2025 (11 days ago)
[org.apache.tomcat.embed:tomcat-embed-core] Apache Tomcat - CGI security constraint bypass
Description: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104. Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue. References https://nvd.nist.gov/vuln/detail/CVE-2025-46701 https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j https://github.com/apache/tomcat/commit/0f01966eb60015d975525019e12a087f05ebf01a https://github.com/apache/tomcat/commit/238d2aa54b99f91d1111467e2237d2244c64e558 https://github.com/apache/tomcat/commit/2c6800111e7d8d8d5403c07978ea9bff3db5a5a5 https://github.com/apache/tomcat/commit/8cb95ff03221067c511b3fa66d4f745bc4b0a605 https://github.com/apache/tomcat/commit/8df00018a252baa9497615d6420fb6c10466fa74 https://github.com/apache/tomcat/commit/fab7247d2f0e3a29d5daef565f829f383e10e5e2 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.41 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.7 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.105 https://github.com/advisories/GHSA-h2fw-rfh5-95r3

EPSS Score: 0.02%

Source: Github Advisory Database (Maven)
May 29th, 2025 (11 days ago)

CVE-2025-31264
An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma...
Description: An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

EPSS Score: 0.03%

Source: CVE
May 29th, 2025 (11 days ago)

CVE-2025-31263
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory.
Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory.

EPSS Score: 0.06%

Source: CVE
May 29th, 2025 (11 days ago)

CVE-2025-31261
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS...
Description: A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data.

EPSS Score: 0.01%

Source: CVE
May 29th, 2025 (11 days ago)

CVE-2025-31231
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read sensitive...
Description: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read sensitive location information.

EPSS Score: 0.01%

Source: CVE
May 29th, 2025 (11 days ago)

CVE-2025-31198
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma...
Description: This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A path handling issue was addressed with improved validation.

EPSS Score: 0.01%

Source: CVE
May 29th, 2025 (11 days ago)

CVE-2025-30466
This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS...
Description: This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. A website may be able to bypass Same Origin Policy.

EPSS Score: 0.03%

Source: CVE
May 29th, 2025 (11 days ago)
Threat Attack Daily - 29th of May 2025
Description: Threat Attack Daily - 29th of May 2025
Source: DarkWebInformer
May 29th, 2025 (11 days ago)
🏴‍☠️ Safepay has just published a new victim : sander-doll.com
Description: [AI generated] N/A
Source: Ransomware.live
May 29th, 2025 (11 days ago)