Threat and Vulnerability Intelligence Database

CVE-2025-2857

🚨 Marked as known exploited on March 27th, 2025 (23 days ago).
Description: Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles into unprivileged child processes leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.

CVSS: CRITICAL (10.0)

EPSS Score: 0.09%

Source: CVE
March 27th, 2025 (23 days ago)
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below - CVE-2019-9874 (CVSS score: 9.8) - A deserialization vulnerability in the Sitecore.Security.AntiCSRF

CVSS: CRITICAL (9.8)

Source: TheHackerNews
March 27th, 2025 (23 days ago)

CVE-2019-9874

🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2019-9874 Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability CVE-2019-9875 Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CVSS: CRITICAL (9.8)

Source: All CISA Advisories
March 26th, 2025 (23 days ago)

CVE-2025-2783

🚨 Marked as known exploited on March 26th, 2025 (24 days ago).
Description: Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

CVSS: HIGH (8.3)

EPSS Score: 1.63%

SSVC Exploitation: none

Source: CVE
March 26th, 2025 (24 days ago)
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Google has released a security update for Chrome to address a high-severity zero-day vulnerability that was actively exploited in a sophisticated espionage campaign targeting Russian organizations. The flaw was discovered by Kaspersky researchers who linked the exploitation to a broader attack dubbed Operation ForumTroll. According to their analysis, the campaign began in mid-March 2025, when …
Source: CyberInsider
March 26th, 2025 (24 days ago)
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia. The vulnerability, tracked as CVE-2025-2783, has been described as a case of "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo refers to a

EPSS Score: 1.63%

Source: TheHackerNews
March 26th, 2025 (24 days ago)

CVE-2025-30154

🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-30154 reviewdog action-setup GitHub Action Embedded Malicious Code Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CVSS: HIGH (8.6)

EPSS Score: 42.39%

Source: All CISA Advisories
March 24th, 2025 (25 days ago)

CVE-2025-30349

🚨 Marked as known exploited on March 21st, 2025 (29 days ago).
Description: Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025.

CVSS: HIGH (7.2)

EPSS Score: 2.46%

SSVC Exploitation: none

Source: CVE
March 21st, 2025 (29 days ago)
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below - CVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to an

CVSS: CRITICAL (9.8)

EPSS Score: 89.45%

Source: TheHackerNews
March 21st, 2025 (29 days ago)
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO's Backup & Replication software. [...]
Source: BleepingComputer
March 20th, 2025 (29 days ago)