CVE-2025-27920
🚨 Marked as known exploited on May 19th, 2025 (18 days ago).
Description: Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences in parameters, attackers could access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access.
CVSS: CRITICAL (9.8) EPSS Score: 61.11%
May 5th, 2025 (about 1 month ago)
🚨 Marked as known exploited on May 5th, 2025 (about 1 month ago).
Description: Impact
This advisory affects authenticated administrators with sites that have the media.clean_vectors configuration enabled. This configuration will sanitize SVG files uploaded using the media manager. This vulnerability allows an authenticated user to bypass this protection by uploading it with a permitted extension (for example, .jpg or .png) and later modifying it to the .svg extension.
This vulnerability assumes a trusted user will attack another trusted user and cannot be actively exploited without access to the administration panel and interaction from the other user.
Patches
This issue has been patched in v3.7.5.
References
Credits to:
Cyber-Wo0dy
For more information
If you have any questions or comments about this advisory:
Email us at [email protected]
References
https://github.com/octobercms/october/security/advisories/GHSA-96hh-8hx5-cpw7
https://github.com/advisories/GHSA-96hh-8hx5-cpw7
May 5th, 2025 (about 1 month ago)
CVE-2025-34028
🚨 Marked as known exploited on May 2nd, 2025 (about 1 month ago).
Description: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-34028 Commvault Command Center Path Traversal Vulnerability
CVE-2024-58136 Yiiframework Yii Improper Protection of Alternate Path Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CVSS: CRITICAL (10.0) EPSS Score: 63.86%
May 2nd, 2025 (about 1 month ago)
CVE-2025-27007
🚨 Marked as known exploited on May 7th, 2025 (about 1 month ago).
Description: Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation. This issue affects SureTriggers: from n/a through 1.0.82.
CVSS: CRITICAL (9.8) EPSS Score: 17.88% SSVC Exploitation: none
May 1st, 2025 (about 1 month ago)
🚨 Marked as known exploited on May 1st, 2025 (about 1 month ago).
Description: SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild.
The vulnerabilities in question are listed below -
CVE-2023-44221 (CVSS score: 7.2) - Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to
CVSS: LOW (0.0)
May 1st, 2025 (about 1 month ago)
🚨 Marked as known exploited on April 30th, 2025 (about 1 month ago).
Description: Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. [...]
April 30th, 2025 (about 1 month ago)
🚨 Marked as known exploited on April 30th, 2025 (about 1 month ago).
Description: Google’s Threat Intelligence team published its annual zero-day report on Tuesday, finding that 75 vulnerabilities were exploited in the wild in 2024, down from 98 in the prior year.
April 30th, 2025 (about 1 month ago)
🚨 Marked as known exploited on April 29th, 2025 (about 1 month ago).
Description: The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of Broadcom Brocade Fabric OS, Commvault web servers, and Qualitia Active! Mail clients vulnerabilities that are actively exploited in attacks. [...]
April 29th, 2025 (about 1 month ago)
🚨 Marked as known exploited on April 29th, 2025 (about 1 month ago).
Description: Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023.
Of the 75 zero-days, 44% of them targeted enterprise products. As many as 20 flaws were identified in security software and appliances.
"Zero-day exploitation of browsers and mobile devices fell drastically, decreasing by about a third for browsers and by about half for
April 29th, 2025 (about 1 month ago)