Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-45474 |
Description: maccms10 v2025.1000.4047 is vulnerable to Server-side request forgery (SSRF) in Email Settings.
EPSS Score: 0.05% SSVC Exploitation: poc
May 29th, 2025 (11 days ago)
|
|
CVE-2024-24945 |
Description: A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php.
EPSS Score: 0.07% SSVC Exploitation: poc
May 29th, 2025 (11 days ago)
|
|
CVE-2024-24331 |
Description: TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiScheduleCfg function.
EPSS Score: 1.17% SSVC Exploitation: poc
May 29th, 2025 (11 days ago)
|
|
CVE-2024-24327 |
Description: TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pppoePass parameter in the setIpv6Cfg function.
EPSS Score: 1.08% SSVC Exploitation: poc
May 29th, 2025 (11 days ago)
|
|
CVE-2024-24140 |
Description: Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.'
EPSS Score: 2.1% SSVC Exploitation: poc
May 29th, 2025 (11 days ago)
|
|
CVE-2024-24061 |
Description: springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sysContent/add.
EPSS Score: 0.08% SSVC Exploitation: poc
May 29th, 2025 (11 days ago)
|
|
CVE-2024-23739 |
Description: An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
EPSS Score: 24.74% SSVC Exploitation: poc
May 29th, 2025 (11 days ago)
|
|
CVE-2024-22861 |
Description: Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module.
EPSS Score: 0.02% SSVC Exploitation: none
May 29th, 2025 (11 days ago)
|
|
CVE-2024-22647 |
Description: An user enumeration vulnerability was found in SEO Panel 4.10.0. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames.
EPSS Score: 0.12% SSVC Exploitation: poc
May 29th, 2025 (11 days ago)
|
|
CVE-2024-22639 |
Description: iGalerie v3.0.22 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Titre (Title) field in the editing interface.
EPSS Score: 0.2% SSVC Exploitation: poc
May 29th, 2025 (11 days ago)
|