Threat and Vulnerability Intelligence Database

🚨 Marked as known exploited on April 25th, 2025 (about 1 month ago).
Description: SAP has released out-of-band emergency updates for NetWeaver to fix an actively exploited remote code execution (RCE) vulnerability used to hijack servers. [...]
Source: BleepingComputer
April 25th, 2025 (about 1 month ago)

CVE-2025-31324

🚨 Marked as known exploited on April 25th, 2025 (about 1 month ago).
Description: SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing an unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.

CVSS: CRITICAL (10.0)

EPSS Score: 78.65%

Source: CVE
April 24th, 2025 (about 1 month ago)

CVE-2024-21762

🚨 Marked as known exploited on April 24th, 2025 (about 1 month ago).
Description: An out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows an attacker to execute unauthorized code or commands via specifically crafted requests.

CVSS: CRITICAL (9.8)

EPSS Score: 92.52%

SSVC Exploitation: active

Source: CVE
April 24th, 2025 (about 1 month ago)

🚨 Marked as known exploited on April 24th, 2025 (about 1 month ago).
Description: As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. "We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure," VulnCheck said in a report shared with The Hacker News. This translates to 45 security flaws that have been weaponized
Source: TheHackerNews
April 24th, 2025 (about 1 month ago)

CVE-2025-1976

🚨 Marked as known exploited on April 28th, 2025 (about 1 month ago).
Description: Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.

CVSS: HIGH (8.6)

EPSS Score: 1.79%

Source: CVE
April 24th, 2025 (about 1 month ago)

🚨 Marked as known exploited on April 23rd, 2025 (about 2 months ago).
Description: The 2025 Verizon Data Breach Investigations Report (DBIR) reveals that vulnerability exploitation was present in 20% of breaches — a 34% increase year-over-year. To support the report, Tenable Research contributed enriched data on the most exploited vulnerabilities. In this blog, we analyze 17 edge-related CVEs and remediation trends across industry sectors. Background: Since 2008, Verizon’s annual Data Breach Investigations Report (DBIR) has helped organizations understand evolving cyber threats. For the 2025 edition, Tenable Research contributed enriched data on the most exploited vulnerabilities of the past year. We analyzed over 160 million data points and zeroed-in on the 17 edge device CVEs featured in the DBIR to understand their average remediation times. In this blog, we take a closer look at these vulnerabilities, revealing industry-specific trends and highlighting where patching still lags — often by months. In this year’s DBIR, vulnerabilities in Virtual Private Networks (VPNs) and edge devices were particular areas of concern, accounting for 22% of the CVE-related breaches in this year’s report, almost eight times the amount of 3% found in the 2024 report. Analysis: The 2025 DBIR found that exploitation of vulnerabilities surged to be one of the top initial access vectors for 20% of data breaches. This represents a 34% increase over last year’s report and is driven in part by the zero-day exploitation of VPN and edge device vulnerabilities – asset classes that tradit...

CVSS: MEDIUM (6.0)

Source: Tenable Blog
April 23rd, 2025 (about 2 months ago)

🚨 Marked as known exploited on April 22nd, 2025 (about 2 months ago).
Description: An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan. [...]
Source: BleepingComputer
April 22nd, 2025 (about 2 months ago)

CVE-2025-34028

🚨 Marked as known exploited on May 2nd, 2025 (about 1 month ago).
Description: A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files, which, when expanded by the target server, result in Remote Code Execution. A PoC exists for this vulnerability. This issue affects Command Center Innovation Release: 11.38.

CVSS: CRITICAL (10.0)

EPSS Score: 63.86%

Source: CVE
April 22nd, 2025 (about 2 months ago)

CVE-2024-4741

🚨 Marked as known exploited on April 19th, 2025 (about 2 months ago).
Description: Nessus Plugin ID 234630 with High Severity. Synopsis: The remote Azure Linux host is missing one or more security updates. Description: The version of edk2 / hvloader / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4741 advisory. - Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, only applications that directly call the SSL_free_buffers function are affected by this issue. Applications that do not call this function are not vulnerable. Our investigations indicate that this function is rarely used by applications. The SSL_free_buffers function is used to free the internal OpenSSL buffer used when processing an incoming record from the network. The call is only expected to succeed if the buffer is not currently in use. However, two scenarios have been identified where the buffer is freed even when still in use. The first scenario occurs where a record header has been received from the network and processed by OpenSSL, but the full record body has not yet arrived. In this case calling SSL_free_buffers will succeed even though a record has only been...

CVSS: HIGH (7.5)

Source: Tenable Plugins
April 19th, 2025 (about 2 months ago)

🚨 Marked as known exploited on April 18th, 2025 (about 2 months ago).
Description: A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf. [...]
Source: BleepingComputer
April 18th, 2025 (about 2 months ago)