Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
đ¨ Marked as known exploited on April 10th, 2025 (7 days ago).
Description: Microsoftâs April 2025 Patch Tuesday rollout includes a critical fix for an actively exploited zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824, which threat actors have used to launch ransomware attacks across multiple sectors. The vulnerability was discovered by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center âŚ
The post Microsoft Fixes Actively Exploited CLFS Zero-Day Used in Ransomware Attacks appeared first on CyberInsider.
CVSS: HIGH (7.8) EPSS Score: 3.59%
April 8th, 2025 (9 days ago)
|
CVE-2025-30406 |
đ¨ Marked as known exploited on April 10th, 2025 (7 days ago).
Description: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-30406 Gladinet CentreStack Use of Hard-coded Cryptographic Key Vulnerability
CVE-2025-29824 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
EPSS Score: 58.51%
April 8th, 2025 (9 days ago)
|
|
đ¨ Marked as known exploited on April 10th, 2025 (7 days ago).
Description: 11Critical110Important0Moderate0LowMicrosoft addresses 121 CVEs including one zero-day which was exploited in the wild.Microsoft patched 121 CVEs in its April 2025 Patch Tuesday release, with 11 rated critical and 110 rated as important.This monthâs update includes patches for:ASP.NET CoreActive Directory Domain ServicesAzure LocalAzure Local ClusterAzure Portal Windows Admin CenterDynamics Business CentralMicrosoft AutoUpdate (MAU)Microsoft Edge (Chromium-based)Microsoft Edge for iOSMicrosoft OfficeMicrosoft Office ExcelMicrosoft Office OneNoteMicrosoft Office SharePointMicrosoft Office WordMicrosoft Streaming ServiceMicrosoft Virtual Hard DriveOpenSSH for WindowsOutlook for AndroidPower AutomateRPC Endpoint Mapper ServiceRemote Desktop ClientRemote Desktop Gateway ServiceSystem CenterVisual StudioVisual Studio CodeVisual Studio Tools for Applications and SQL Server Management StudioWindows Active Directory Certificate ServicesWindows BitLockerWindows Bluetooth ServiceWindows Common Log File System DriverWindows Cryptographic ServicesWindows DWM Core LibraryWindows Defender Application Control (WDAC)Windows Digital MediaWindows HTTP.sysWindows HelloWindows Hyper-VWindows InstallerWindows KerberosWindows KernelWindows Kernel MemoryWindows Kernel-Mode DriversWindows LDAP - Lightweight Directory Access ProtocolWindows Local Security Authority (LSA)Windows Local Session Manager (LSM)Windows Mark of the Web (MOTW)Windows MediaWindows Mobile BroadbandWindows NTFSWindows Power D...
CVSS: HIGH (7.8) EPSS Score: 3.59%
April 8th, 2025 (9 days ago)
|
|
CVE-2025-29824 |
đ¨ Marked as known exploited on April 8th, 2025 (9 days ago).
Description: Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.8) EPSS Score: 3.59% SSVC Exploitation: active
April 8th, 2025 (9 days ago)
|
|
đ¨ Marked as known exploited on April 10th, 2025 (7 days ago).
Description: Today is Microsoft's April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability. [...]
April 8th, 2025 (9 days ago)
|
|
đ¨ Marked as known exploited on April 10th, 2025 (7 days ago).
Description: A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged of active exploitation in the wild.
The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances. It has
April 8th, 2025 (9 days ago)
|
|
đ¨ Marked as known exploited on April 10th, 2025 (7 days ago).
Description: Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild.
The two high-severity vulnerabilities are listed below -
CVE-2024-53150 (CVSS score: 7.8) - An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure
CVE-2024-53197 (CVSS score: 7.8) - A privilege escalation flaw in the USB sub-component of Kernel
April 8th, 2025 (10 days ago)
|
|
đ¨ Marked as known exploited on April 10th, 2025 (7 days ago).
Description: Googleâs April 2025 Android Security Bulletin addresses 60 vulnerabilities across system components, the Linux kernel, and third-party hardware drivers, including two high-severity zero-days that have been actively exploited in targeted surveillance operations. One of the patched flaws, CVE-2024-53197, was part of a Cellebrite-enabled attack used by Serbian authorities to compromise the phone of a student âŚ
The post Google Patches Actively Exploited Android Zero-Day Vulnerabilities appeared first on CyberInsider.
April 8th, 2025 (10 days ago)
|
|
CVE-2025-31161 |
đ¨ Marked as known exploited on April 10th, 2025 (7 days ago).
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-31161Â CrushFTP Authentication Bypass Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CVSS: CRITICAL (9.8) EPSS Score: 24.88%
April 7th, 2025 (10 days ago)
|
|
CVE-2025-3248 |
đ¨ Marked as known exploited on April 13th, 2025 (4 days ago).
Description: Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
CVSS: CRITICAL (9.8) EPSS Score: 80.22%
April 7th, 2025 (10 days ago)
|