CVE-2025-31200 |
🚨 Marked as known exploited on April 17th, 2025 (about 2 months ago).
Description: A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.
CVSS: HIGH (7.5) EPSS Score: 0.22% SSVC Exploitation: none
April 16th, 2025 (about 2 months ago)
|
CVE-2021-20035 |
🚨 Marked as known exploited on April 16th, 2025 (about 2 months ago).
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2021-20035 SonicWall SMA100 Appliances OS Command Injection Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CVSS: MEDIUM (6.5)
April 16th, 2025 (about 2 months ago)
|
|
🚨 Marked as known exploited on April 15th, 2025 (about 2 months ago).
Description: Customer data such as birth dates, credit card numbers and driver's license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products.
April 15th, 2025 (about 2 months ago)
|
|
🚨 Marked as known exploited on April 15th, 2025 (about 2 months ago).
Description: A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised to date.
Tracked as CVE-2025-30406 (CVSS score: 9.0), the vulnerability refers to the use of a hard-coded cryptographic key that could expose internet-accessible servers to remote code execution attacks
CVSS: CRITICAL (9.8) EPSS Score: 65.56%
April 15th, 2025 (about 2 months ago)
|
|
🚨 Marked as known exploited on April 14th, 2025 (about 2 months ago).
Description: A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.
April 14th, 2025 (about 2 months ago)
|
|
🚨 Marked as known exploited on April 11th, 2025 (about 2 months ago).
Description: A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure.
The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites.
"The
CVSS: HIGH (8.1) EPSS Score: 0.14%
April 11th, 2025 (about 2 months ago)
|
|
🚨 Marked as known exploited on April 10th, 2025 (about 2 months ago).
Description: Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. [...]
April 10th, 2025 (about 2 months ago)
|
CVE-2022-21658 |
🚨 Marked as known exploited on April 10th, 2025 (about 2 months ago).
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
CVSS v4 9.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIDIS Prime
Vulnerabilities: Race Condition Enabling Link Following, Improper Validation of Integrity Check Value, Unchecked Input for Loop Condition, Expected Behavior Violation, Incorrect Provision of Specified Functionality, Heap-based Buffer Overflow, Cleartext Transmission of Sensitive Information, Use After Free, NULL Pointer Dereference, Exposure of Sensitive Information to an Unauthorized Actor, Out-of-bounds Write, Improper Input Validation, Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute unauthorized deletions, cause denial of service, corrupt application state, leak sensitive information, or potentially execute remote code.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
SIDIS Prime: All versions before V4.0.700
3.2 VULNERABILITY OVERVIEW
3.2.1 RACE CONDITION ENABLING LINK FOLLOWING CWE-363
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety,...
CVSS: HIGH (7.3)
April 10th, 2025 (about 2 months ago)
|
CVE-2025-3102 |
🚨 Marked as known exploited on April 11th, 2025 (about 2 months ago).
Description: The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'autheticate_user' function in all versions up to, and including, 1.0.78. This makes it possible for unauthenticated attackers to create administrator accounts on the target website when the plugin is installed and activated but not configured with an API key.
CVSS: HIGH (8.1) EPSS Score: 0.14%
April 10th, 2025 (about 2 months ago)
|
CVE-2024-58136 |
🚨 Marked as known exploited on April 10th, 2025 (about 2 months ago).
Description: Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025.
CVSS: CRITICAL (9.0) EPSS Score: 36.6%
April 10th, 2025 (about 2 months ago)
|