Activity
Latest CVE events and analysis as they emerge
CVE-2025-33053 10 Jun 2025, 00:00
Windows WebDAV Client
Added to CISA KEV catalog
- Vulnerability name
- Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability
- Product
- Web Distributed Authoring and Versioning Web Distributed Authoring and Versioning (WebDAV)
CVE-2025-33053 is a remote code execution vulnerability affecting the WebDAV client in Microsoft Windows. It stems from insufficient input validation in WebDAV file path handling, allowing an attacker to execute arbitrary code over a network. Successful exploitation requires a user to click on a specially crafted WebDAV URL, potentially leading to unauthorized access to sensitive system resources, compromise of system integrity and confidentiality, or even full control of the affected system. This vulnerability has been actively exploited in the wild.
high 8.8
Hype score
25
CVE-2025-24016 10 Jun 2025, 00:00
Wazuh
Added to CISA KEV catalog
- Vulnerability name
- Wazuh Server Deserialization of Untrusted Data Vulnerability
- Product
- Wazuh Wazuh Server
CVE-2025-24016 is a critical remote code execution (RCE) vulnerability found in the Wazuh security platform, versions 4.4.0 through 4.9.0. It allows attackers to execute arbitrary code on affected Wazuh servers. The vulnerability arises from unsafe deserialization of DistributedAPI (DAPI) parameters. These parameters are serialized as JSON and then deserialized using the `as_wazuh_object` function. Attackers can exploit this by injecting a malicious, unsanitized dictionary into a DAPI request or response, leading to the execution of arbitrary Python code. This vulnerability can be exploited by anyone with API access, potentially including compromised dashboards, other Wazuh servers within a cluster, or even compromised agents, depending on the configuration. Wazuh has addressed this vulnerability in version 4.9.1. Users are strongly encouraged to update to this version to mitigate the risk of exploitation.
critical 9.9
Hype score
0
CVE-2025-32433 09 Jun 2025, 00:00
OTP, Erlang
Added to CISA KEV catalog
- Vulnerability name
- Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability
- Product
- Erlang Erlang/OTP
CVE-2025-32433 is a vulnerability found in the Erlang/OTP SSH server. It stems from a flaw in the SSH protocol message handling, which allows an attacker with network access to execute arbitrary code on the server without authentication. Specifically, the vulnerability enables a malicious actor to send connection protocol messages before authentication takes place. Successful exploitation could lead to full compromise of the host, unauthorized access, manipulation of sensitive data, or denial-of-service attacks.
critical 10.0
Hype score
0
CVE-2024-42009 09 Jun 2025, 00:00
Roundcube
Added to CISA KEV catalog
- Vulnerability name
- RoundCube Webmail Cross-Site Scripting Vulnerability
- Product
- Roundcube Webmail
CVE-2024-42009 is a Cross-Site Scripting (XSS) vulnerability affecting Roundcube webmail software, specifically versions 1.5.7 and 1.6.x up to 1.6.7. It stems from a flaw in the `message_body()` function within the `program/actions/mail/show.php` file, where a desanitization issue can be exploited. This vulnerability allows a remote attacker to steal and send emails of a victim by sending a specially crafted email message. When a user views this malicious email in Roundcube, the attacker can execute arbitrary JavaScript in the victim's browser, potentially gaining persistent access to exfiltrate emails or steal passwords.
critical 9.3
Hype score
0
CVE-2025-5419 05 Jun 2025, 00:00
Google Chrome V8
Added to CISA KEV catalog
- Vulnerability name
- Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
- Product
- Google Chromium V8
CVE-2025-5419 is an out-of-bounds read and write vulnerability found in the V8 JavaScript and WebAssembly engine of Google Chrome. Specifically, it affects Google Chrome versions prior to 137.0.7151.68. According to the NIST's National Vulnerability Database (NVD), this vulnerability could allow a remote attacker to potentially exploit heap corruption through a crafted HTML page. The vulnerability was reported to Google on May 27, 2025, by Clement Lecigne and Benoît Sevens of Google's Threat Analysis Group (TAG). Google has confirmed that an exploit for CVE-2025-5419 exists in the wild and has released a security update to address the issue. A configuration change was pushed to the Stable version of Chrome across all platforms on May 28, 2025, to mitigate the bug.
high 8.8
Hype score
0
CVE-2025-27038 03 Jun 2025, 00:00
Qualcomm, Adreno
Added to CISA KEV catalog
- Vulnerability name
- Qualcomm Multiple Chipsets Use-After-Free Vulnerability
- Product
- Qualcomm Multiple Chipsets
CVE-2025-27038 is a use-after-free vulnerability found in the Graphics component of Qualcomm's Adreno GPU drivers. This vulnerability can lead to memory corruption while rendering graphics, specifically when using the Adreno GPU drivers in Chrome. Qualcomm has released patches for this vulnerability, along with CVE-2025-21479 and CVE-2025-21480, and recommends that OEMs deploy the updates to affected devices as soon as possible. There are indications that CVE-2025-27038 may be under limited, targeted exploitation.
high 7.5
Hype score
0
CVE-2025-21480 03 Jun 2025, 00:00
Adreno, Qualcomm
Added to CISA KEV catalog
- Vulnerability name
- Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
- Product
- Qualcomm Multiple Chipsets
CVE-2025-21480 is an incorrect authorization vulnerability found in Qualcomm's Adreno GPU driver, specifically within the Graphics component. This flaw can lead to memory corruption due to unauthorized command execution in the GPU microcode when a specific sequence of commands is processed. The vulnerability is one of three zero-day flaws that were actively exploited in targeted attacks. Patches for this issue have been made available to OEMs, with a strong recommendation to deploy the update on affected devices as soon as possible.
high 8.6
Hype score
0
CVE-2025-21479 03 Jun 2025, 00:00
Adreno, Qualcomm
Added to CISA KEV catalog
- Vulnerability name
- Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
- Product
- Qualcomm Multiple Chipsets
CVE-2025-21479 is an incorrect authorization vulnerability found in the Graphics component of Qualcomm's Adreno GPU driver. This flaw can lead to memory corruption due to unauthorized command execution in the GPU microcode when a specific sequence of commands is processed. Successful exploitation of CVE-2025-21479 could allow attackers to execute unauthorized commands, potentially corrupting system memory. Qualcomm has released patches for this vulnerability and recommends that OEMs deploy the updates to affected devices as soon as possible. There are indications that this vulnerability may be under limited, targeted exploitation.
high 8.6
Hype score
0
CVE-2025-3935 02 Jun 2025, 00:00
ScreenConnect
Added to CISA KEV catalog
- Vulnerability name
- ConnectWise ScreenConnect Improper Authentication Vulnerability
- Product
- ConnectWise ScreenConnect
CVE-2025-3935 affects ScreenConnect versions 25.2.3 and earlier. It is a ViewState code injection vulnerability in ASP.NET Web Forms. The ViewState feature is used to preserve the state of pages and controls, with data encoded in Base64 and protected by machine keys. If an attacker gains privileged system-level access and compromises these machine keys, they could create and send malicious ViewState data to the website. This could potentially lead to remote code execution on the server. ScreenConnect version 25.2.4 disables ViewState to remove any dependency on it.
high 8.1
Hype score
0
CVE-2025-35939 02 Jun 2025, 00:00
Craft CMS
Added to CISA KEV catalog
- Vulnerability name
- Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability
- Product
- Craft CMS Craft CMS
CVE-2025-35939 affects Craft CMS, where unauthenticated users can store arbitrary content in session files. This is due to the CMS storing return URLs without proper sanitization. When an unauthenticated request is redirected to the login page, Craft CMS generates a session file at `/var/lib/php/sessions` named `sess_[session_value]`, with the session value provided to the client via a Set-Cookie header. An unauthenticated attacker could inject arbitrary values, including potentially malicious PHP code, into a known local file location on the server. Craft CMS versions 5.7.5 and 4.15.3 have been released to address this vulnerability by implementing proper sanitization of return URLs before they are saved to the PHP session.
medium 6.9
Hype score
0
CVE-2024-56145 02 Jun 2025, 00:00
Craft CMS
Added to CISA KEV catalog
- Vulnerability name
- Craft CMS Code Injection Vulnerability
- Product
- Craft CMS Craft CMS
CVE-2024-56145 is a remote code execution (RCE) vulnerability affecting Craft CMS. It exists in versions 5.0.0-RC1 to 5.5.2 (excluding 5.5.2), 4.0.0-RC1 to 4.13.2 (excluding 4.13.2), and 3.0.0 to 3.9.14 (excluding 3.9.14). The vulnerability is triggered when the PHP configuration setting `register_argc_argv` is enabled, which is the default in the official Craft CMS docker image. An attacker can exploit this vulnerability to achieve unauthenticated remote code execution by manipulating paths such as `--templatesPath` or `--configPath`, forcing the CMS to load arbitrary files. A successful exploit could lead to complete system compromise, potentially through the use of template files loaded via FTP, bypassing the CMS's built-in sandboxing.
critical 9.3
Hype score
0
CVE-2023-39780 02 Jun 2025, 00:00
RT-AX55, ASUS
Added to CISA KEV catalog
- Vulnerability name
- ASUS RT-AX55 Routers OS Command Injection Vulnerability
- Product
- ASUS RT-AX55 Routers
CVE-2023-39780 is a command injection vulnerability found in ASUS RT-AX55 routers, specifically version 3.0.0.4.386.51598. It allows authenticated attackers to execute arbitrary commands on the system. The vulnerability exists in the handling of user input, which enables attackers to inject and execute commands with elevated privileges. Successful exploitation of CVE-2023-39780 can lead to unauthorized actions and data breaches. Attackers have been observed exploiting this vulnerability, along with other authentication bypass techniques, to gain persistent access to ASUS routers, enabling SSH access and disabling logging to maintain a stealthy backdoor.
high 8.8
Hype score
0
CVE-2021-32030 02 Jun 2025, 00:00
ASUS, GT-AC2900
Added to CISA KEV catalog
- Vulnerability name
- ASUS Routers Improper Authentication Vulnerability
- Product
- ASUS Routers
CVE-2021-32030 is an authentication bypass vulnerability affecting ASUS GT-AC2900 devices before version 3.0.0.4.386.42643 and Lyra Mini devices before version 3.0.0.4_384_46630. The vulnerability stems from how the administrator application processes remote input from unauthenticated users. Specifically, the vulnerability allows an attacker to gain unauthorized access to the administrator interface. This is because an attacker-supplied null byte ('\0') can match the device's default null byte value in certain situations during the authentication process. Successful exploitation could allow attackers to modify router settings, intercept network traffic, and potentially install malicious firmware.
critical 9.8
Hype score
0
CVE-2025-4632 22 May 2025, 00:00
Samsung MagicINFO
Added to CISA KEV catalog
- Vulnerability name
- Samsung MagicINFO 9 Server Path Traversal Vulnerability
- Product
- Samsung MagicINFO 9 Server
CVE-2025-4632 is a path traversal vulnerability affecting Samsung MagicINFO 9 Server versions before 21.1052. The vulnerability stems from an improper limitation of a pathname to a restricted directory, which allows attackers to write arbitrary files with system authority. This can lead to remote code execution if specially crafted JavaServer Pages (JSP) files are uploaded. The vulnerability has been actively exploited in the wild and is considered a patch bypass for CVE-2024-7399, another path traversal flaw in the same product. Exploitation of CVE-2025-4632 has been linked to the deployment of the Mirai botnet in some instances. Samsung has released software updates to address this vulnerability.
critical 9.8
Hype score
0
CVE-2025-4428 19 May 2025, 00:00
Ivanti EPMM
Added to CISA KEV catalog
- Vulnerability name
- Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
- Product
- Ivanti Endpoint Manager Mobile (EPMM)
CVE-2025-4428 is a remote code execution (RCE) vulnerability affecting Ivanti Endpoint Manager Mobile (EPMM). An authenticated attacker could exploit this vulnerability to execute arbitrary code on a vulnerable device. The vulnerability is associated with an open-source library integrated into EPMM. Ivanti released a security advisory on May 13, 2025, to address this vulnerability, along with an authentication bypass vulnerability (CVE-2025-4427). It was found that chaining the two vulnerabilities together could lead to unauthenticated remote code execution. Ivanti is aware of a limited number of customers whose systems have been exploited.
high 7.2
Hype score
0
CVE-2025-4427 19 May 2025, 00:00
Ivanti EPMM
Added to CISA KEV catalog
- Vulnerability name
- Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
- Product
- Ivanti Endpoint Manager Mobile (EPMM)
CVE-2025-4427 is an authentication bypass vulnerability found in Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and prior. It exists in the API component of the software. This vulnerability allows attackers to access protected resources without proper credentials via the API.
medium 5.3
Hype score
0
CVE-2025-27920 19 May 2025, 00:00
Output Messenger
Added to CISA KEV catalog
- Vulnerability name
- Srimax Output Messenger Directory Traversal Vulnerability
- Product
- Srimax Output Messenger
CVE-2025-27920 is a directory traversal vulnerability that affects Output Messenger version 2.0.62 and earlier. This vulnerability allows authenticated attackers to upload malicious files into the server's startup directory by using "../" sequences in parameters to access files outside the intended directory. Successful exploitation of this vulnerability could allow attackers to access sensitive files, potentially leading to configuration leakage or arbitrary file access. It was discovered that a threat actor named Marbled Dust exploited this vulnerability in a cyber espionage campaign, targeting the Kurdish military operating in Iraq. Output Messenger released version 2.0.63 in late December 2024 to address this vulnerability.
high 7.2
Hype score
0
CVE-2024-27443 19 May 2025, 00:00
Zimbra ZCS
Added to CISA KEV catalog
- Vulnerability name
- Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
- Product
- Synacor Zimbra Collaboration Suite (ZCS)
CVE-2024-27443 is a Cross-Site Scripting (XSS) vulnerability found in the CalendarInvite feature of the Zimbra Collaboration Suite (ZCS) classic webmail interface. This vulnerability exists because of improper input validation when handling the calendar header in email messages. An attacker can exploit this flaw by sending a specially crafted email containing a malicious calendar header with an embedded XSS payload. When a user views the email in the Zimbra classic web interface, the malicious code is executed within their browser, potentially allowing the attacker to compromise the user's session and execute arbitrary JavaScript code.
medium 6.1
Hype score
0
CVE-2024-11182 19 May 2025, 00:00
MDaemon Email Server
Added to CISA KEV catalog
- Vulnerability name
- MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability
- Product
- MDaemon Email Server
CVE-2024-11182 is a cross-site scripting (XSS) vulnerability found in MDaemon Email Server versions prior to 24.5.1c. The vulnerability arises from insufficient sanitization of user-supplied data when handling IMG tags in email messages. An attacker can exploit this vulnerability by sending a specially crafted HTML email containing JavaScript code within an `<img>` tag. If the recipient opens the email, the malicious JavaScript code could execute within the context of their webmail browser window, potentially leading to unauthorized actions or information disclosure.
medium 5.3
Hype score
0
CVE-2023-38950 19 May 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- ZKTeco BioTime Path Traversal Vulnerability
- Product
- ZKTeco BioTime
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload.
high 7.5
Hype score
0
CVE-2025-4664 15 May 2025, 00:00
Google Chrome
Added to CISA KEV catalog
- Vulnerability name
- Google Chromium Loader Insufficient Policy Enforcement Vulnerability
- Product
- Google Chromium
CVE-2025-4664 is a vulnerability affecting Google Chrome's Loader component. The vulnerability stems from insufficient policy enforcement, which allows a remote attacker to potentially leak cross-origin data by using a crafted HTML page. The vulnerability was discovered by security researcher Vsevolod Kokorin (@slonser_) and reported on May 5, 2025. Google has released updates to address this issue in Chrome versions 136.0.7103.113/.114 for Windows and Mac, and 136.0.7103.113 for Linux. It is recommended that users update their Chrome browsers to these versions to mitigate the risk.
medium 4.3
Hype score
0
CVE-2025-42999 15 May 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- SAP NetWeaver Deserialization Vulnerability
- Product
- SAP NetWeaver
SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.
critical 9.1
Hype score
0
CVE-2024-12987 15 May 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- DrayTek Vigor Routers OS Command Injection Vulnerability
- Product
- DrayTek Vigor Routers
A vulnerability classified as critical was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. It affects an unknown function of the file `/cgi-bin/mainfunction.cgi/apmcfgupload` in the Web Management Interface component. Manipulating the `session` argument leads to OS command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 addresses this issue, and upgrading the affected component is recommended.
medium 6.9
Hype score
0
CVE-2025-32756 14 May 2025, 00:00
Fortinet, FortiVoice
Added to CISA KEV catalog
- Vulnerability name
- Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
- Product
- Fortinet Multiple Products
CVE-2025-32756 is a stack-based buffer overflow vulnerability that affects multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary code or commands by sending specially crafted HTTP requests. Fortinet has observed active exploitation of this vulnerability in the wild, specifically targeting FortiVoice systems. During the exploitation of CVE-2025-32756, threat actors have been observed performing network scans, deleting system crash logs to conceal their activity, and enabling 'fcgi debugging' to log credentials. Additionally, they have been seen deploying malware, establishing cron jobs to harvest credentials, and using scripts to conduct network reconnaissance on compromised devices.
critical 9.8
Hype score
0
CVE-2025-32706 13 May 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
- Product
- Microsoft Windows
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
high 7.8
Hype score
0
CVE-2025-32701 13 May 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
- Product
- Microsoft Windows
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
high 7.8
Hype score
0
CVE-2025-30400 13 May 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- Microsoft Windows DWM Core Library Use-After-Free Vulnerability
- Product
- Microsoft Windows
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
high 7.8
Hype score
0
CVE-2025-30397 13 May 2025, 00:00
Microsoft Scripting Engine
Added to CISA KEV catalog
- Vulnerability name
- Microsoft Windows Scripting Engine Type Confusion Vulnerability
- Product
- Microsoft Windows
CVE-2025-30397 is a memory corruption vulnerability within the Microsoft Scripting Engine. Exploitation of this vulnerability could allow an attacker to execute arbitrary code on an affected system. To successfully exploit this vulnerability, a user must click on a specially crafted link, often delivered through a malicious website or script. The vulnerability stems from the scripting engine misinterpreting object types, leading to memory corruption. Notably, successful exploitation requires the target to be running Microsoft Edge in Internet Explorer mode. This vulnerability has been actively exploited in the wild as a zero-day.
high 7.5
Hype score
0
CVE-2025-32709 13 May 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability
- Product
- Microsoft Windows
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
high 7.8
Hype score
0
CVE-2025-47729 12 May 2025, 00:00
TeleMessage
Added to CISA KEV catalog
- Vulnerability name
- TeleMessage TM SGNL Hidden Functionality Vulnerability
- Product
- TeleMessage TM SGNL
CVE-2025-47729 is a vulnerability found in the TeleMessage TM SGNL application. The archiving backend of TeleMessage stores cleartext copies of messages from TM SGNL app users. This differs from the vendor's documentation, which describes "End-to-End encryption from the mobile phone through to the corporate archive". This vulnerability was exploited in the wild in May 2025. The vulnerability means that unauthorized individuals with high-privilege access could potentially view sensitive message contents in plaintext. This could compromise user privacy and corporate communication confidentiality because the messages were expected to be securely encrypted.
low 1.9
Hype score
0
CVE-2024-6047 07 May 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- GeoVision Devices OS Command Injection Vulnerability
- Product
- GeoVision Multiple Devices
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.
critical 9.8
Hype score
0
CVE-2024-11120 07 May 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- GeoVision Devices OS Command Injection Vulnerability
- Product
- GeoVision Multiple Devices
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.
critical 9.8
Hype score
0
CVE-2025-27363 06 May 2025, 00:00
FreeType
Added to CISA KEV catalog
- Vulnerability name
- FreeType Out-of-Bounds Write Vulnerability
- Product
- FreeType FreeType
CVE-2025-27363 is a vulnerability found in FreeType versions 2.13.0 and below. It occurs when parsing font subglyph structures related to TrueType GX and variable font files. The issue stems from assigning a signed short value to an unsigned long, followed by adding a static value. This causes a wrap-around, resulting in a heap buffer that is too small being allocated. The vulnerability allows writing up to 6 signed long integers out of bounds relative to the undersized buffer. This out-of-bounds write can potentially lead to arbitrary code execution. It has been reported that this vulnerability may have been exploited in the wild.
high 8.1
Hype score
0
CVE-2025-3248 05 May 2025, 00:00
Langflow
Added to CISA KEV catalog
- Vulnerability name
- Langflow Missing Authentication Vulnerability
- Product
- Langflow Langflow
CVE-2025-3248 is a code injection vulnerability that affects Langflow versions prior to 1.3.0. It exists in the `/api/v1/validate/code` endpoint, where a remote, unauthenticated attacker can send crafted HTTP requests to execute arbitrary code on the server. This vulnerability allows attackers to gain control of vulnerable Langflow servers without needing authentication. To remediate this vulnerability, users are advised to upgrade to Langflow version 1.3.0 or restrict network access to the application.
critical 9.8
Hype score
0
CVE-2025-34028 02 May 2025, 00:00
Commvault
Added to CISA KEV catalog
- Vulnerability name
- Commvault Command Center Path Traversal Vulnerability
- Product
- Commvault Command Center
CVE-2025-34028 is a vulnerability in Commvault Command Center Innovation Release that allows an unauthenticated attacker to upload ZIP files. This path traversal vulnerability can lead to remote code execution when the server expands these files. The vulnerability affects Command Center Innovation Release versions 11.38.0 through 11.38.19 and has been patched in version 11.38.20. The vulnerability exists in the "deployWebpackage.do" and "deployServiceCommcell.do" endpoints, which are excluded from authentication requirements. An attacker can exploit this by sending an HTTP request to these endpoints, triggering a Server-Side Request Forgery (SSRF) vulnerability. This allows the attacker to force the Commvault server to download a ZIP file from an external server, use path traversal to place files in restricted directories, and ultimately execute malicious code via the web interface.
critical 10.0
Hype score
0
CVE-2024-58136 02 May 2025, 00:00
Yii, PHP
Added to CISA KEV catalog
- Vulnerability name
- Yiiframework Yii Improper Protection of Alternate Path Vulnerability
- Product
- Yiiframework Yii
CVE-2024-58136 is a vulnerability in Yii 2, a PHP framework, affecting versions prior to 2.0.52. It involves mishandling the attaching of behavior that is defined by an `__class` array key. This vulnerability is a regression of a previously patched issue, CVE-2024-4990. The vulnerability allows attackers to manipulate the behavior of Yii 2 web applications. It stems from improper type and configuration checks in Yii's use of PHP's `__set()` magic method and the `Yii::createObject()` function, potentially leading to the instantiation of arbitrary PHP classes with malicious arguments. This vulnerability was actively exploited between February and April 2025.
critical 9.0
Hype score
0
CVE-2024-38475 01 May 2025, 00:00
Apache HTTP Server
Added to CISA KEV catalog
- Vulnerability name
- Apache HTTP Server Improper Escaping of Output Vulnerability
- Product
- Apache HTTP Server
CVE-2024-38475 involves improper output escaping in the `mod_rewrite` module of the Apache HTTP Server, specifically in versions 2.4.59 and earlier. This flaw allows an attacker to map URLs to filesystem locations that the server is permitted to serve but are not intended to be directly accessible. This vulnerability can lead to code execution or source code disclosure. The issue arises when substitutions in the server context use backreferences or variables as the initial segment of the substitution. While the fix might break some existing RewriteRules, the "UnsafePrefixStat" flag can be used to revert to the previous behavior if the substitution is appropriately constrained.
critical 9.1
Hype score
0
CVE-2023-44221 01 May 2025, 00:00
SMA100
Added to CISA KEV catalog
- Vulnerability name
- SonicWall SMA100 Appliances OS Command Injection Vulnerability
- Product
- SonicWall SMA100 Appliances
CVE-2023-44221 is a command injection vulnerability found in the SMA100 SSL-VPN management interface. It allows a remote, authenticated attacker with administrative privileges to inject arbitrary commands. These commands are executed as the "nobody" user, potentially leading to OS command injection. This vulnerability exists due to improper neutralization of special elements within the SMA100 SSL-VPN management interface. It is often exploited in conjunction with other vulnerabilities, such as CVE-2024-38475, to bypass authentication and gain administrative control over affected systems.
high 7.2
Hype score
0
CVE-2025-31324 29 Apr 2025, 00:00
SAP NetWeaver
Added to CISA KEV catalog
- Vulnerability name
- SAP NetWeaver Unrestricted File Upload Vulnerability
- Product
- SAP NetWeaver
CVE-2025-31324 is a vulnerability affecting SAP NetWeaver Visual Composer Metadata Uploader. The core issue is a missing authorization check, which allows unauthenticated attackers to upload potentially malicious executable binaries to the system. This vulnerability can be exploited by crafting malicious POST requests to deliver webshells, enabling attackers to execute system commands, upload unauthorized files, seize control of compromised systems, execute remote code, and potentially steal sensitive data.
critical 10.0
Hype score
0
CVE-2025-42599 28 Apr 2025, 00:00
Active! mail, Qualitia
Added to CISA KEV catalog
- Vulnerability name
- Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability
- Product
- Qualitia Active! Mail
CVE-2025-42599 is a stack-based buffer overflow vulnerability found in Active! mail 6 BuildInfo version 6.60.05008561 and earlier. This vulnerability can be exploited by a remote, unauthenticated attacker sending a specially crafted request. Successful exploitation could lead to arbitrary code execution or a denial-of-service (DoS) condition.
critical 9.8
Hype score
0
CVE-2025-3928 28 Apr 2025, 00:00
Commvault Web Server
Added to CISA KEV catalog
- Vulnerability name
- Commvault Web Server Unspecified Vulnerability
- Product
- Commvault Web Server
CVE-2025-3928 is an unspecified vulnerability in the Commvault Web Server. It allows a remote, authenticated attacker to create and execute webshells on the affected server. The vulnerability can be exploited by any authenticated remote user, without requiring administrative privileges. CISA has added CVE-2025-3928 to its Known Exploited Vulnerabilities (KEV) catalog and recommends applying available vendor mitigations. Patches are available for Windows and Linux platforms in versions 11.36.46, 11.32.89, 11.28.141, and 11.20.217.
high 8.7
Hype score
0
CVE-2025-1976 28 Apr 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- Broadcom Brocade Fabric OS Code Injection Vulnerability
- Product
- Broadcom Brocade Fabric OS
CVE-2025-1976 is a code injection vulnerability affecting Broadcom Brocade Fabric OS. It exists in versions 9.1.0 through 9.1.1d6. The vulnerability allows a local user with administrative privileges to execute arbitrary code with full root privileges due to a flaw in IP Address validation. This vulnerability is actively being exploited. To mitigate the risk, it is recommended to update to Brocade Fabric OS version 9.1.1d7, which contains a security update to address the flaw.
high 8.6
Hype score
0
CVE-2025-31201 17 Apr 2025, 00:00
Apple
Added to CISA KEV catalog
- Vulnerability name
- Apple Multiple Products Arbitrary Read and Write Vulnerability
- Product
- Apple Multiple Products
CVE-2025-31201 is a vulnerability in RPAC (Return Pointer Authentication Code), a security feature designed to prevent return-oriented programming attacks. The vulnerability allows an attacker with arbitrary read and write capabilities to bypass Pointer Authentication. Apple addressed this issue by removing the vulnerable code in tvOS 18.4.1, visionOS 2.4.1, iOS 18.4.1 and iPadOS 18.4.1, and macOS Sequoia 15.4.1. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.
high 7.5
Hype score
0
CVE-2025-31200 17 Apr 2025, 00:00
CoreAudio, Apple
Added to CISA KEV catalog
- Vulnerability name
- Apple Multiple Products Memory Corruption Vulnerability
- Product
- Apple Multiple Products
CVE-2025-31200 is a memory corruption vulnerability that exists in Apple's CoreAudio framework. This vulnerability can be triggered when processing an audio stream within a maliciously crafted media file. Successful exploitation of this vulnerability could allow for arbitrary code execution on the affected device. Apple has addressed this issue with improved bounds checking in tvOS 18.4.1, visionOS 2.4.1, iOS and iPadOS 18.4.1, and macOS Sequoia 15.4.1. It was reported that this vulnerability may have been exploited in targeted attacks against specific individuals.
medium 6.8
Hype score
0
CVE-2025-24054 17 Apr 2025, 00:00
Windows NTLM
Added to CISA KEV catalog
- Vulnerability name
- Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability
- Product
- Microsoft Windows
CVE-2025-24054 is a vulnerability in Windows NTLM that involves external control of the file name or path, potentially allowing an unauthorized attacker to perform spoofing over a network. The vulnerability can be exploited using a maliciously crafted .library-ms file. Active exploitation of CVE-2025-24054 has been observed in the wild since March 19, 2025. Attackers can potentially leak NTLM hashes or user passwords, compromising systems. Exploitation can be triggered with minimal user interaction, such as right-clicking, dragging and dropping, or simply navigating to a folder containing the malicious file.
medium 6.5
Hype score
0
CVE-2021-20035 16 Apr 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- SonicWall SMA100 Appliances OS Command Injection Vulnerability
- Product
- SonicWall SMA100 Appliances
Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, which potentially leads to DoS.
medium 6.5
Hype score
0
CVE-2024-53197 09 Apr 2025, 00:00
Linux Kernel
Added to CISA KEV catalog
- Vulnerability name
- Linux Kernel Out-of-Bounds Access Vulnerability
- Product
- Linux Kernel
CVE-2024-53197 is a privilege escalation vulnerability found in the USB sub-component of the Linux kernel. It stems from improper handling of the `bNumConfigurations` value in the ALSA USB audio subsystem, which can lead to out-of-bounds memory accesses. This vulnerability could allow an attacker with physical access to the system, through a malicious USB device, to manipulate system memory, potentially escalating privileges or executing arbitrary code. It has been identified as being exploited in targeted attacks, including being part of an exploit chain used to compromise an Android phone in December 2024.
high 7.8
Hype score
0
CVE-2024-53150 09 Apr 2025, 00:00
Added to CISA KEV catalog
- Vulnerability name
- Linux Kernel Out-of-Bounds Read Vulnerability
- Product
- Linux Kernel
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix out of bounds reads when finding clock sources
The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descriptor with a shorter bLength, the driver might hit out-of-bounds reads.
For addressing it, this patch adds sanity checks to the validator functions for the clock descriptor traversal. When the descriptor length is shorter than expected, it's skipped in the loop.
For the clock source and clock multiplier descriptors, we can just check bLength against the sizeof() of each descriptor type. OTOH, the clock selector descriptor of UAC2 and UAC3 has an array of bNrInPins elements and two more fields at its tail, hence those have to be checked in addition to the sizeof() check.
high 7.1
Hype score
0
CVE-2025-30406 08 Apr 2025, 00:00
Gladinet CentreStack
Added to CISA KEV catalog
- Vulnerability name
- Gladinet CentreStack Use of Hard-coded Cryptographic Key Vulnerability
- Product
- Gladinet CentreStack
CVE-2025-30406 is a vulnerability affecting Gladinet CentreStack, a cloud-based enterprise file-sharing platform. It stems from the use of a hard-coded cryptographic key within the application's web configuration files (web.config). This key is used for ViewState integrity verification. Successful exploitation of this flaw allows an attacker to forge ViewState payloads. This enables server-side deserialization, ultimately leading to remote code execution. The vulnerability is classified as CWE-321, which highlights the risks associated with using hard-coded cryptographic keys.
critical 9.0
Hype score
0
CVE-2025-31161 07 Apr 2025, 00:00
CrushFTP
Added to CISA KEV catalog
- Vulnerability name
- CrushFTP Authentication Bypass Vulnerability
- Product
- CrushFTP CrushFTP
CVE-2025-31161 is a critical authentication bypass vulnerability found in CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. It stems from a flaw in the AWS4-HMAC authorization method within the HTTP component, allowing remote attackers to gain unauthorized access to systems running unpatched versions of the software via unauthenticated HTTP requests. The vulnerability allows attackers to impersonate any known or guessable user, including the "crushadmin" account, by sending a manipulated Authorization header. The server initially verifies user existence without requiring a password, enabling session authentication through HMAC verification before a subsequent user verification check. This bypass can lead to a full compromise of the system by obtaining an administrative account.
critical 9.8
Hype score
0