Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
🏴‍☠️ Lockbit3 has just published a new victim : ende.bo
Description: Greetings! Today we are posting here the new company, "Empresa Nacional de Electricidad". Company Description: The National Electricity Company (ENDE) is a corporation of the Plurinational State, whose main objective and strategic role is to pa...
Source: Ransomware.live
April 16th, 2025 (7 days ago)
🏴‍☠️ Lockbit3 has just published a new victim : aeamg.org.br
Description: Greetings! Today we are posting here the new company, "AEA-MG". Company Description: AEA-MG (Association of Electricians and Employees of CEMIG and its Subsidiaries) was founded on 29 January 1983 by a group of electricians who recognized the n...
Source: Ransomware.live
April 16th, 2025 (7 days ago)
🏴‍☠️ Lynx has just published a new victim : Hyalogic
Description: Hyalogic, the leader in premium high molecular weight hyaluronic acid, offers joint care supplements for humans and animals, as well as a full line of skin care and personal care products made with premium hyaluronic acid (HA). Also known as hyaluronan or hyaluronate, HA supports healthy joints and has numerous skin, hair, nail, and eye moisturizing benefits. Our product line includes liquid oral supplements, lozenge supplements, and topical skin care products under the well known names: Synthovial Seven and Episilk, Hyalun for your horse and HyaFlex for your dog or cat.
Source: Ransomware.live
April 16th, 2025 (7 days ago)
🏴‍☠️ Lynx has just published a new victim : Feldman & Lopez
Description: Feldman & Lopez, P.A. is a boutique law firm located in the heart of South Florida. Feldman & Lopez, P.A. was established in 2015 by a young female team of insurance experts, eager to provide Floridians with high quality civil and insurance litigation services. This boutique firm offers state-wide professional services to all residents of Florida and their assignees, personalized to meet every one of their clients' needs. Feldman & Lopez has a wide range of expertise in handling all post loss claims for their clients who have the appropriate coverages under their homeowner insurance policy. In addition, the firm handles all aspects of water and/or mold remediation claims and the invoices that go along with them based off validly executed assignment of benefits. In an age where the insurance industry rules our pocket books, rest assured that Feldman & Lopez will protect your rights and benefits when your insurance company tries to wrongfully deny or underpay your property damage claims.
Source: Ransomware.live
April 16th, 2025 (7 days ago)

CVE-2021-20035
SonicWall SMA100 Appliances OS Command Injection Vulnerability
Description: SonicWall SMA100 appliances contain an OS command injection vulnerability in the management interface that allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, which could potentially lead to code execution.

CVSS: MEDIUM (6.5)

Source: CISA KEV
April 16th, 2025 (7 days ago)
Following Layoffs, Automattic Employees Discover Leak-Catching Watermarks
Description: The watermarks, which could identify people leaking screenshots to the press, are in the background of internal communications platform P2.
Source: 404 Media
April 16th, 2025 (7 days ago)
CVE program gets last-minute funding from CISA – and maybe a new home
Source: TheRegister
April 16th, 2025 (7 days ago)
Patch Now: NVDIA Flaws Expose AI Models, Critical Infrastructure
Description: A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on NVIDIA processors for AI workloads.
Source: Dark Reading
April 16th, 2025 (7 days ago)

CVE-2025-3697
SourceCodester Web-based Pharmacy Product Management System edit-product.php sql injection
Description: A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-product.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Eine Schwachstelle wurde in SourceCodester Web-based Pharmacy Product Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code der Datei /edit-product.php. Durch Beeinflussen des Arguments ID mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.

CVSS: MEDIUM (5.3)

EPSS Score: 0.03%

SSVC Exploitation: poc

Source: CVE
April 16th, 2025 (7 days ago)

CVE-2024-56736
Apache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss
Description: Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat (incubating): before 1.7.0. Users are recommended to upgrade to version 1.7.0, which fixes the issue.

EPSS Score: 0.03%

SSVC Exploitation: none

Source: CVE
April 16th, 2025 (7 days ago)