Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-24054
NTLM Hash Disclosure Spoofing Vulnerability
🚨 Marked as known exploited on April 17th, 2025 (2 days ago).
Description: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVSS: MEDIUM (6.5)

EPSS Score: 0.12%

Source: CVE
March 11th, 2025 (about 1 month ago)
Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities. [...]
Source: BleepingComputer
March 11th, 2025 (about 1 month ago)

CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and...
🚨 Marked as known exploited on April 17th, 2025 (2 days ago).
Description: An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.

CVSS: HIGH (8.1)

EPSS Score: 5.37%

SSVC Exploitation: none

Source: CVE
March 11th, 2025 (about 1 month ago)
CISA tags critical Ivanti EPM flaws as actively exploited in attacks
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. [...]
Source: BleepingComputer
March 11th, 2025 (about 1 month ago)

CVE-2025-24813
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
🚨 Marked as known exploited on March 17th, 2025 (about 1 month ago).
Description: Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98. If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads - attacker knowledge of the names of security sensitive files being uploaded - the security sensitive files also being uploaded via partial PUT If all of the following were true, a malicious user was able to perform remote code execution: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - application was using Tomcat's file based session persistence with the default storage location - application included a library that may be leveraged in a deserialization attack Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.98, which fixes the issue.

CVSS: CRITICAL (9.8)

EPSS Score: 93.55%

Source: CVE
March 10th, 2025 (about 1 month ago)
Unpatched Edimax IP camera flaw actively exploited in botnet attacks
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. [...]
Source: BleepingComputer
March 7th, 2025 (about 1 month ago)

CVE-2025-22224
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. [...]

CVSS: CRITICAL (9.3)

EPSS Score: 24.22%

Source: BleepingComputer
March 6th, 2025 (about 1 month ago)

CVE-2021-30762
Linux Distros Unpatched Vulnerability : CVE-2021-30762
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Nessus Plugin ID 223776 with High Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/223776
Source: Tenable Plugins
March 5th, 2025 (about 2 months ago)

CVE-2021-30858
Linux Distros Unpatched Vulnerability : CVE-2021-30858
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Nessus Plugin ID 223797 with High Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/223797
Source: Tenable Plugins
March 5th, 2025 (about 2 months ago)

CVE-2021-30761
Linux Distros Unpatched Vulnerability : CVE-2021-30761
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Nessus Plugin ID 223807 with High Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/223807
Source: Tenable Plugins
March 5th, 2025 (about 2 months ago)