Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-22900
Totolink N600R v4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macCloneMac parameter in the setWanConfig function.
Description: Totolink N600R v4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macCloneMac parameter in the setWanConfig function.

EPSS Score: 0.06%

Source: CVE
April 15th, 2025 (7 days ago)
🏴‍☠️ Qilin has just published a new victim : www.clubcar.com
Description: Club Car boasts a 60+ year history of industry-leading innovation and design, initially focused on golf cars and then expanding to commercial utility vehicles and personal-use transportation. Every detail of design, fabrication and assembl ...
Source: Ransomware.live
April 15th, 2025 (7 days ago)
🏴‍☠️ Ralord has just published a new victim : ARRCO LSM
Description: ARRCO – Lights Sound Magic is a professional event technology company based in Hamar, Norway. They specialize in providing comprehensive solutions for events, including sound,...
Source: Ransomware.live
April 15th, 2025 (7 days ago)
Hertz Falls Victim to Cleo Zero-Day Attacks
🚨 Marked as known exploited on April 15th, 2025 (7 days ago).
Description: Customer data such as birth dates, credit card numbers and driver's license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products.
Source: Dark Reading
April 15th, 2025 (7 days ago)
4chan, the 'internet’s litter box,' appears to have been pillaged by rival forum
Source: TheRegister
April 15th, 2025 (7 days ago)
Landmark Admin data breach impact now reaches 1.6 million people
Description: Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. [...]
Source: BleepingComputer
April 15th, 2025 (7 days ago)
China accuses NSA of launching cyberattacks on Asian Winter Games
Description: China on Tuesday accused three alleged employees of the U.S. National Security Agency of carrying out cyberattacks on the Asian Winter Games in February.
Source: The Record
April 15th, 2025 (7 days ago)

CVE-2025-29705
code-gen <=2.0.6 is vulnerable to Incorrect Access Control. The project does not have permission control allowing anyone to access such projects.
Description: code-gen <=2.0.6 is vulnerable to Incorrect Access Control. The project does not have permission control allowing anyone to access such projects.

EPSS Score: 0.03%

Source: CVE
April 15th, 2025 (7 days ago)

CVE-2025-28100
A SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a attacker to execute arbitrary code via not filtering the content correctly at the...
Description: A SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a attacker to execute arbitrary code via not filtering the content correctly at the "operateOrder.php" id parameter.

EPSS Score: 0.07%

Source: CVE
April 15th, 2025 (7 days ago)

CVE-2024-50960
A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, and SMP 352 <=...
Description: A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, and SMP 352 <= 2.16 allows a remote authenticated attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system.

EPSS Score: 0.25%

Source: CVE
April 15th, 2025 (7 days ago)