CVE-2025-32756 |
🚨 Marked as known exploited on May 14th, 2025 (23 days ago).
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-32756 Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CVSS: CRITICAL (9.6) EPSS Score: 8.83%
May 14th, 2025 (23 days ago)
|
CVE-2025-4664 |
🚨 Marked as known exploited on May 15th, 2025 (22 days ago).
Description: Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVSS: MEDIUM (4.3) EPSS Score: 1.26%
May 14th, 2025 (23 days ago)
|
🚨 Marked as known exploited on May 14th, 2025 (23 days ago).
Description: Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild.
The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9.8), has been described as a path traversal flaw.
"Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to
CVSS: CRITICAL (9.8) EPSS Score: 57.86%
May 14th, 2025 (23 days ago)
|
🚨 Marked as known exploited on May 14th, 2025 (23 days ago).
Description: Fortinet has observed threat actors exploiting CVE-2025-32756, a critical zero-day arbitrary code execution vulnerability which affects multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera.
Background: On May 13th, Fortinet published a security advisory (FG-IR-25-254) for CVE-2025-32756, a critical arbitrary code execution vulnerability affecting multiple Fortinet products.
CVE-2025-32756 (CVSSv3 9.6): An arbitrary code execution vulnerability in FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera.
Analysis: CVE-2025-32756 is an arbitrary code execution vulnerability affecting multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera. A remote unauthenticated attacker can send crafted HTTP requests in order to create a stack-based overflow condition which would allow for the execution of arbitrary code. This vulnerability was discovered by the Fortinet Product Security Team, who observed threat activity involving a device running FortiVoice. According to Fortinet, the threat actors' operations included scanning the network, erasing system crashlogs and enabling "fcgi debugging", which is used to log authentication attempts, including SSH logins. The "fcgi debugging" option is not enabled by default and the Fortinet advisory recommends reviewing the setting as one possible indicator of compromise (IoC).
Historical Exploitation of Fortinet Devices: Fortinet vulnerabilities have histo...
CVSS: CRITICAL (9.6) EPSS Score: 8.83%
May 14th, 2025 (23 days ago)
|
🚨 Marked as known exploited on May 14th, 2025 (23 days ago).
Description: Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild.
Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 of them
May 14th, 2025 (23 days ago)
|
🚨 Marked as known exploited on May 13th, 2025 (23 days ago).
Description: Microsoft has released its monthly security update for May of 2025 which includes 78 vulnerabilities affecting a range of products, including 11 that Microsoft marked as "critical". Microsoft noted five vulnerabilities that have been observed to be exploited in the wild. CVE-2025-30397 is a remote code
CVSS: HIGH (7.5) EPSS Score: 10.87%
May 13th, 2025 (23 days ago)
|
🚨 Marked as known exploited on May 13th, 2025 (24 days ago).
Description: Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks.
Background: On May 13, Ivanti released a security advisory to address a high severity remote code execution (RCE) and a medium severity authentication bypass vulnerability in its Endpoint Manager Mobile (EPMM) product, a mobile management software that can be used for mobile device management (MDM), mobile application management (MAM) and mobile content management (MCM).
CVE-2025-4427 (CVSSv3 5.3): Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability.
CVE-2025-4428 (CVSSv3 7.2): Ivanti Endpoint Manager Mobile Remote Code Execution Vulnerability.
Analysis: CVE-2025-4427 is an authentication bypass vulnerability in Ivanti's EPMM. An unauthenticated, remote attacker could exploit this vulnerability to gain access to the server's application programming interface (API) that is normally only accessible to authenticated users. CVE-2025-4428 is an RCE in Ivanti's EPMM. An authenticated attacker could exploit this vulnerability to execute arbitrary code on a vulnerable device. An attacker that successfully exploits these flaws could chain them together to execute arbitrary code on a vulnerable device without authentication. Both vulnerabilities are associated with open source libraries used by the EPMM software. Ivanti has indicated that these vulnerabilities have been exploited in the wild in a limited number of cases. Customers that restric...
CVSS: MEDIUM (5.3) EPSS Score: 79.81%
May 13th, 2025 (24 days ago)
|
🚨 Marked as known exploited on May 13th, 2025 (24 days ago).
Description: 5 Critical, 66 Important, 0 Moderate, 0 Low.
Microsoft addresses 71 CVEs including seven zero-days, five of which were exploited in the wild. Microsoft patched 71 CVEs in its May 2025 Patch Tuesday release, with five rated critical and 66 rated as important.
This month's update includes patches for: .NET, Visual Studio, and Build Tools for Visual Studio; Active Directory Certificate Services (AD CS); Azure; Azure Automation; Azure DevOps; Azure File Sync; Azure Storage Resource Provider; Microsoft Brokering File System; Microsoft Dataverse; Microsoft Defender for Endpoint; Microsoft Defender for Identity; Microsoft Edge (Chromium-based); Microsoft Office; Microsoft Office Excel; Microsoft Office Outlook; Microsoft Office PowerPoint; Microsoft Office SharePoint; Microsoft PC Manager; Microsoft Power Apps; Microsoft Scripting Engine; Remote Desktop Gateway Service; Role: Windows Hyper-V; Universal Print Management Service; UrlMon; Visual Studio; Visual Studio Code; Web Threat Defense (WTD.sys); Windows Ancillary Function Driver for WinSock; Windows Common Log File System Driver; Windows Deployment Services; Windows Drivers; Windows DWM; Windows File Server; Windows Fundamentals; Windows Hardware Lab Kit; Windows Installer; Windows Kernel; Windows LDAP - Lightweight Directory Access Protocol; Windows Media; Windows NTFS; Windows Remote Desktop; Windows Routing and Remote Access Service (RRAS); Windows Secure Kernel Mode; Windows SMB; Windows Trusted Runtime Interface Driver; Windows Virtual Machine Bus; Windows Win32K - GRFX.
Remote code execution (RCE) vulnerabilities accounted for...
CVSS: HIGH (7.8) EPSS Score: 4.24%
May 13th, 2025 (24 days ago)
|
🚨 Marked as known exploited on May 13th, 2025 (24 days ago).
Description: Microsoft's Patch Tuesday for May 2025 addresses 78 vulnerabilities across its product suite, including five zero-day vulnerabilities that are already being exploited in the wild. The Windows 11 cumulative update KB5058411 (Build 26100.4061) brings critical fixes for elevation-of-privilege and remote code execution flaws impacting core Windows components. The update was released on May 13, 2025, …
The post Microsoft Patches Five Actively Exploited Flaws in May 2025 Windows 11 Update appeared first on CyberInsider.
May 13th, 2025 (24 days ago)
|
🚨 Marked as known exploited on May 13th, 2025 (24 days ago).
Description: Today is Microsoft's May 2025 Patch Tuesday, which includes security updates for 72 flaws, including five actively exploited and two publicly disclosed zero-day vulnerabilities. [...]
May 13th, 2025 (24 days ago)
|