Threat and Vulnerability Intelligence Database

Description: United States

Source: Ransomware.live
June 5th, 2025 (2 days ago)

Description: United Kingdom

Source: Ransomware.live
June 5th, 2025 (2 days ago)

Description: The vulnerability, with a 9.9 CVSS score on a 10-point scale, results in different Cisco ISE deployments all sharing the same credentials as long as the software release and cloud platform remain the same.

Source: Dark Reading
June 5th, 2025 (2 days ago)

CVE-2025-5745

Description: The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.

CVSS: MEDIUM (5.6)

EPSS Score: 0.04%

Source: CVE
June 5th, 2025 (2 days ago)

CVE-2025-5693

Description: A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-report-result.php. The manipulation of the argument fromdate/todate leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. A critical vulnerability was identified in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It affects unknown program code in the file /bwdates-report-result.php. Manipulating the argument fromdate/todate with unknown data allows an SQL injection vulnerability to be exploited. The attack can be carried out over the network. The exploit is publicly available.

CVSS: MEDIUM (6.3)

EPSS Score: 0.03%

Source: CVE
June 5th, 2025 (2 days ago)

CVE-2025-5685

Description: A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. A critical vulnerability was found in Tenda CH22 1.0.0.1. It affects the function formNatlimit of the file /goform/Natlimit. Manipulating the argument page with unknown data allows a stack-based buffer overflow vulnerability to be exploited. The attack can be carried out over the network. The exploit is publicly available.

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
June 5th, 2025 (2 days ago)

CVE-2025-5680

Description: A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script Handler. The manipulation of the argument script leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. A critical vulnerability was discovered in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. It affects the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script Handler. Manipulating the argument script with unknown data allows a deserialization vulnerability to be exploited. The attack can take place over the network. The exploit is publicly available.

CVSS: MEDIUM (6.3)

EPSS Score: 0.04%

SSVC Exploitation: poc

Source: CVE
June 5th, 2025 (2 days ago)

CVE-2025-43026

Description: A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.

CVSS: HIGH (7.1)

EPSS Score: 0.01%

Source: CVE
June 5th, 2025 (2 days ago)

CVE-2024-22705

Description: An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.

CVSS: HIGH (7.8)

EPSS Score: 0.01%

SSVC Exploitation: none

Source: CVE
June 5th, 2025 (2 days ago)

Source: TheRegister
June 5th, 2025 (2 days ago)