Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-20010 |
Description: In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560.
CVSS: MEDIUM (6.7) EPSS Score: 0.02% SSVC Exploitation: none
April 17th, 2025 (4 days ago)
|
|
CVE-2024-12530 |
Description: Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows allows DLL Side-Loading.This issue affects Secure Content Manager: 23.4.
End-users can potentially exploit the vulnerability to execute malicious code in the trusted context of the thick-client application.
CVSS: HIGH (7.0) EPSS Score: 0.01%
April 17th, 2025 (4 days ago)
|
|
CVE-2024-0363 |
Description: A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file admin/patient-search.php. The manipulation of the argument searchdata leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250130 is the identifier assigned to this vulnerability. Eine kritische Schwachstelle wurde in PHPGurukul Hospital Management System 1.0 entdeckt. Davon betroffen ist unbekannter Code der Datei admin/patient-search.php. Dank Manipulation des Arguments searchdata mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (5.5) EPSS Score: 0.04% SSVC Exploitation: poc
April 17th, 2025 (4 days ago)
|
|
Description: After threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute — extending its government contract for another 11 months. After that, it looks like it's up to the private sector to find the cash to keep it going.
April 17th, 2025 (4 days ago)
|
|
Description: The Tor Project has released version 14.5 of its privacy-focused browser, introducing the long-awaited Connection Assist feature to Android. This update significantly enhances the usability of Tor in regions where the network is actively blocked, alongside improvements in localization and overall stability across platforms. Tor Browser is the flagship tool developed by The Tor Project, …
The post Tor Browser 14.5 Brings Censorship-Busting Connection Assist to Android appeared first on CyberInsider.
April 17th, 2025 (4 days ago)
|
|
CVE-2025-3651 |
Description: Improper Verification of Source of a Communication Channel in Work Desktop for Mac versions below 10.8.2.33 allows attackers to execute arbitrary commands via unauthorized access to the Agent service.
CVSS: CRITICAL (9.3) EPSS Score: 0.02%
April 17th, 2025 (4 days ago)
|
|
CVE-2025-29047 |
Description: Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser
EPSS Score: 0.21%
April 17th, 2025 (4 days ago)
|
|
CVE-2025-29046 |
Description: Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value
EPSS Score: 0.21%
April 17th, 2025 (4 days ago)
|
|
CVE-2025-29045 |
Description: Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value
EPSS Score: 0.21%
April 17th, 2025 (4 days ago)
|
|
CVE-2025-29044 |
Description: Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value
EPSS Score: 0.21%
April 17th, 2025 (4 days ago)
|