Threat and Vulnerability Intelligence Database

CVE-2024-22519

Description: An issue discovered in OpenDroneID OSM 3.5.1 allows attackers to impersonate other drones via transmission of crafted data packets.

CVSS: HIGH (8.2)

EPSS Score: 0.06%

SSVC Exploitation: none

Source: CVE
June 5th, 2025 (3 days ago)

CVE-2024-22496

Description: Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter.

CVSS: MEDIUM (6.1)

EPSS Score: 0.08%

SSVC Exploitation: poc

Source: CVE
June 5th, 2025 (3 days ago)

CVE-2024-22491

Description: A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter.

CVSS: MEDIUM (5.4)

EPSS Score: 0.09%

SSVC Exploitation: poc

Source: CVE
June 5th, 2025 (3 days ago)

CVE-2024-22380

Description: Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version) March, Heisei 31 era edition Ver.14.0.001.002 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker.

CVSS: MEDIUM (5.5)

EPSS Score: 0.02%

SSVC Exploitation: none

Source: CVE
June 5th, 2025 (3 days ago)

CVE-2024-22365

Description: linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.

CVSS: MEDIUM (5.5)

EPSS Score: 0.08%

SSVC Exploitation: none

Source: CVE
June 5th, 2025 (3 days ago)

CVE-2024-22108

Description: An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method setTermsHashAction at /opt/webapp/lib/PureApi/CCApi.class.php is vulnerable to an unauthenticated SQL injection via /ccapi.php that an attacker can abuse in order to change the Administrator password to a known value.

CVSS: CRITICAL (9.8)

EPSS Score: 0.13%

SSVC Exploitation: poc

Source: CVE
June 5th, 2025 (3 days ago)

CVE-2024-22021

Description: Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (Plan Author) to retrieve plans from a Scope other than the one they are assigned to.

CVSS: MEDIUM (4.3)

EPSS Score: 0.19%

SSVC Exploitation: none

Source: CVE
June 5th, 2025 (3 days ago)

Description: A threat actor has re-released data from a 2021 AT&T breach affecting 70 million customers, this time combining previously separate files to directly link Social Security numbers and birth dates to individual users. [...]
Source: BleepingComputer
June 5th, 2025 (3 days ago)

CVE-2025-5419

Description: Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

EPSS Score: 6.23%

Source: CISA KEV
June 5th, 2025 (3 days ago)

Description: Alleged breach of Weguest – 2.5M Records Exposed via API Misconfiguration
Source: DarkWebInformer
June 5th, 2025 (3 days ago)