Snapshot
Feb. 22, 2025 - Feb. 28, 2025
CISA Known Exploited Vulnerabilities

CVE | Summary | Severity | Vendor | Date Added |
---|---|---|---|---|
CVE-2024-49035 | Microsoft Partner Center contains an improper access control vulnerability that allows an attacker to escalate privileges. | CRITICAL | Microsoft | Feb. 25, 2025 |
CVE-2023-34192 | Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability that allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function. | CRITICAL | Synacor | Feb. 25, 2025 |
CVE-2017-3066 | Adobe ColdFusion contains a deserialization vulnerability in the Apache BlazeDS library that allows for arbitrary code execution. | CRITICAL | Adobe | Feb. 24, 2025 |
CVE-2024-20953 | Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the system. | HIGH | Oracle | Feb. 24, 2025 |

Newswires

Headline | Summary | Date |
---|---|---|
Critical XSS Vulnerability in WordPress Plugin Threatens Over Two Million Websites | A grave security vulnerability, labelled as CVE-2025-24752, has been unveiled in the Essential Addons for Elementor WordPress plugin, potentially placing over two million websites in jeopardy. | Feb. 26, 2025 |
PolarEdge Botnet: Over 2,000 IoT Devices Infected Globally | The PolarEdge botnet, a complex malware campaign focusing on IoT devices, has been unearthed by the Threat Detection & Research (TDR) team at Sekoia. | Feb. 26, 2025 |
Critical Vulnerability in Ivanti EPM: PoC for CVE-2024-13159 Released | Security expert Zach Hanley, associated with Horizon3.ai, has revealed the specifics and a proof-of-concept (PoC) for a high-severity vulnerability in Ivanti Endpoint Manager (EPM), designated as CVE-2024-13159. | Feb. 25, 2025 |
Critical Vulnerability in Everest Forms Plugin Threatens Over 100,000 WordPress Sites | A critical security vulnerability, labeled as CVE-2025-1128, has been discovered in the widely used WordPress plugin, Everest Forms. | Feb. 25, 2025 |

Vulnerabilities In The News

CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2025-27364 (4) | In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution vulnerability was found in the dynamic agen... | CRITICAL | | Remote Code Execution |
CVE-2025-24989 (3) | An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network ... | CRITICAL | Microsoft | CISA Known Exploited, Actively Exploited |
CVE-2024-49035 (3) | An improper access control vulnerability in Partner.Microsoft.com allows an unauthenticated attacker to elevate privileges ... | CRITICAL | Microsoft | CISA Known Exploited |
CVE-2024-34331 (3) | A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges ... | CRITICAL | | Actively Exploited |
CVE-2017-3066 (3) | Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a J... | CRITICAL | Adobe | CISA Known Exploited, Public Exploits Available |
CVE-2024-13159 (2) | Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update ... | CRITICAL | | Remote Code Execution, Public Exploits Available |
CVE-2023-34192 (3) | Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code vi... | CRITICAL | Synacor, Zimbra | CISA Known Exploited |
CVE-2024-20953 (3) | Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain . | HIGH | Oracle | CISA Known Exploited |
CVE-2023-20118 (2) | A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and... | HIGH | Cisco | Actively Exploited, Remote Code Execution |

CISA Known Exploited Vulnerabilities
CISA added four vulnerabilities to the known exploited vulnerabilities list.
Microsoft — Partner Center |
CVE-2024-49035 / Added: Feb. 25, 2025 |
CRITICAL CVSS 9.80 EPSS Score 20.16 EPSS Percentile 96.43 |
Microsoft Partner Center contains an improper access control vulnerability that allows an attacker to escalate privileges. |
Synacor — Zimbra Collaboration Suite (ZCS) |
CVE-2023-34192 / Added: Feb. 25, 2025 |
CRITICAL CVSS 9.00 EPSS Score 90.09 EPSS Percentile 99.09 |
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability that allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function. |
Adobe — ColdFusion |
CVE-2017-3066 / Added: Feb. 24, 2025 |
CRITICAL CVSS 9.80 EPSS Score 97.07 EPSS Percentile 99.88 |
Adobe ColdFusion contains a deserialization vulnerability in the Apache BlazeDS library that allows for arbitrary code execution. |
Oracle — Agile Product Lifecycle Management (PLM) |
CVE-2024-20953 / Added: Feb. 24, 2025 |
HIGH CVSS 8.80 EPSS Score 2.21 EPSS Percentile 89.42 |
Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the system. |
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2025-27364 |
CRITICAL CVSS 10.00 EPSS Score 0.04 EPSS Percentile 18.53 |
Remote Code Execution |
Published: Feb. 24, 2025 |
In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the server. This allows remote attackers to execute arbitrary code on the server that Caldera is running on via a crafted web request to the Caldera server API used for compiling and downloading of Caldera's Sandcat or Manx agent (implants). This web request can use the gcc -extldflags linker flag with sub-commands. |
CVE-2025-24989 |
CRITICAL CVSS 9.80 EPSS Score 2.32 EPSS Percentile 89.68 |
CISA Known Exploited, Actively Exploited |
Published: Feb. 19, 2025 |
An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected customers have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you. |
Vendor Impacted: Microsoft |
Product Impacted: Power Pages |
CVE-2024-49035 |
CRITICAL CVSS 9.80 EPSS Score 20.16 EPSS Percentile 96.43 |
CISA Known Exploited |
Published: Nov. 26, 2024 |
An improper access control vulnerability in Partner.Microsoft.com allows an unauthenticated attacker to elevate privileges over a network. |
Vendor Impacted: Microsoft |
Product Impacted: Partner Center |
CVE-2024-34331 |
CRITICAL CVSS 9.80 EPSS Score 0.04 EPSS Percentile 11.76 |
Actively Exploited |
Published: Sept. 23, 2024 |
A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root. |
CVE-2017-3066 |
CRITICAL CVSS 9.80 EPSS Score 97.07 EPSS Percentile 99.88 |
CISA Known Exploited, Public Exploits Available |
Published: April 27, 2017 |
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution. |
Vendor Impacted: Adobe |
Product Impacted: ColdFusion |
CVE-2024-13159 |
CRITICAL CVSS 9.80 EPSS Score 0.05 EPSS Percentile 25.66 |
Remote Code Execution, Public Exploits Available |
Published: Jan. 14, 2025 |
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. |
CVE-2023-34192 |
CRITICAL CVSS 9.00 EPSS Score 90.09 EPSS Percentile 99.09 |
CISA Known Exploited |
Published: July 6, 2023 |
Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function. |
Vendors Impacted: Synacor, Zimbra |
Products Impacted: Collaboration, Zimbra Collaboration Suite (ZCS) |
CVE-2024-20953 |
HIGH CVSS 8.80 EPSS Score 2.21 EPSS Percentile 89.42 |
CISA Known Exploited |
Published: Feb. 17, 2024 |
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in takeover of Oracle Agile PLM. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). |
Vendor Impacted: Oracle |
Products Impacted: Agile Product Lifecycle Management (PLM), Agile Product Lifecycle Management |
CVE-2023-20118 |
HIGH CVSS 7.20 EPSS Score 0.07 EPSS Percentile 33.22 |
Actively Exploited, Remote Code Execution |
Published: April 13, 2023 |
A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not and will not release software updates that address this vulnerability. |
Vendor Impacted: Cisco |
Products Impacted: RV325 Firmware, RV042G Firmware, RV016, RV016 Firmware, RV325, RV320, RV082 Firmware, RV320 Firmware, RV042 Firmware, RV042G, RV042, RV082 |