AttackerKB bot (Unofficial)
New assessment for topic: CVE-2025-2945

Topic description: "Remote Code Execution security vulnerability in pgAdmin 4 (Query Tool and Cloud Deployment modules). ..."

"On April 4th, 2025 pgAdmin released version 9.2 of “pgAdmin 4”, which included a fix for CVE-2025-2945, an authenticated RCE vulnerability affecting versions `8.10` through to `9.1` ..."

Link: https://attackerkb.com/assessments/05eb1108-f51a-40b9-bfdd-34885be6d785
New Rapid7 Analysis on AttackerKB topic: CVE-2025-22457

"On April 3, 2025, Ivanti published an [advisory](https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457?language=en_US) for CVE-2025-22457, an unauthenticated remote code execution vulnerability due to a stack based buffer overflow ..."

Link: https://attackerkb.com/topics/77a42870-750f-41a9-97ed-07b482eac905
New assessment for topic: CVE-2024-53326

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"[CVE-2024-53326](https://trustedsec.com/blog/discovering-a-deserialization-vulnerability-in-linqpad) is a .NET deserialization vulnerability in Linqpad up to version 5.52.01 ..."

Link: https://attackerkb.com/assessments/da90857a-39e5-46c6-a30b-c9c628b3222f
New assessment for topic: CVE-2023-36255

Topic description: "An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL. ..."

"Eramba is open source Governance, Risk, and Compliance (GRC) software ..."

Link: https://attackerkb.com/assessments/6ad733b6-6bf1-45a3-a982-9d62dffa9c9e
New assessment for topic: CVE-2025-30065

Topic description: "Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code ..."

"CVE-2025-30065 is a critical deserialization vulnerability (CWE-502: Deserialization of Untrusted Data) in Apache Parquet’s Java library (specifically in the parquet-avro module) ..."

Link: https://attackerkb.com/assessments/1227b01a-c0b5-42ad-a360-b3ce702062e8
New assessment for topic: CVE-2025-2825

Topic description: "CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability that may result in unauthenticated access ..."

"[CVE-2025-2825](https://nvd.nist.gov/vuln/detail/CVE-2025-2825) is a critical vulnerability affecting CrushFTP 11 below 11.3.1 and 10 below 10.8.4 ..."

Link: https://attackerkb.com/assessments/4c81cb24-aafd-4753-92bb-33c1190c24a5
New Rapid7 Analysis on AttackerKB topic: CVE-2025-2825

"On Friday, March 21, 2025, [CrushFTP](https://www.crushftp.com/), a managed file transfer solution vendor, announced [a new vulnerability](https://www.rapid7.com/blog/post/2025/03/25/etr-notable-vulnerabilities-in-next-js-cve-2025-29927/) to customers via email ..."

Link: https://attackerkb.com/topics/a0e10b90-c471-484c-ace4-4f3ae764c183
New assessment for topic: CVE-2025-29927

Topic description: "Next.js is a React framework for building full-stack web applications ..."

"On the 21st March 2025 Next.js released an advisory notifying users of a vulnerability affecting versions of the framework prior to 14.2.25 and 15.2.3 ..."

Link: https://attackerkb.com/assessments/9152fc92-56bf-4374-96db-9fa9b34cbbf6
New assessment for topic: CVE-2025-26633

Topic description: "Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. ..."

"CVE-2025-26633, nicknamed “MSC EvilTwin”, is a security feature bypass vulnerability in Microsoft Management Console (MMC), discovered being exploited in the wild as early as February 2025 by the threat actor group EncryptHub ..."

Link: https://attackerkb.com/assessments/d81fa814-6af3-4d79-8b7a-f7c1049a971f
New assessment for topic: CVE-2022-24521

Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."

"RansomHub affiliate observed abusing this vulnerability, including 3 files that were weaponizing this vulnerability: https://www.security.com/threat-intelligence/ransomhub-betruger-backdoor ..."

Link: https://attackerkb.com/assessments/9572a87d-9159-4573-b90d-bbacbe294965
New assessment for topic: CVE-2025-24799

Topic description: "GLPI is a free asset and IT management software package ..."

"On February 12th, 2025 GLPI released version `10.0.18` which included a patch for CVE-2025-24799, a SQLi vulnerability affecting versions `10.0.0` to `10.0.17` ..."

Link: https://attackerkb.com/assessments/7b879784-36c7-41d4-9f0b-258ae925cb27
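Several of the assessments in this feed (CrushFTP CVE-2025-2825, Next.js CVE-2025-29927, GLPI CVE-2025-24799 and pgAdmin 4 CVE-2025-2945) are quoted only as affected-version ranges, which is exactly the form a triage script consumes. The block below is an added example, not code from the bot, from AttackerKB or from any of the quoted assessors: it encodes the ranges as the quotes state them (the lower bound of the Next.js 14.x range is not stated in the quote and is assumed to be 0), compares versions numerically rather than as strings, and runs the check over a constructed inventory whose hostnames and versions are invented for the example.

```python
import re
from typing import Dict, List, Tuple

# Affected version ranges as quoted in the assessments in this feed
# (CrushFTP CVE-2025-2825, Next.js CVE-2025-29927, GLPI CVE-2025-24799,
# pgAdmin 4 CVE-2025-2945). Each range is [first_affected, first_fixed).
# The Next.js 14.x lower bound is not stated in the quote; "0" is an assumption.
AFFECTED: Dict[str, Tuple[str, List[Tuple[str, str]]]] = {
    "crushftp": ("CVE-2025-2825", [("10.0.0", "10.8.4"), ("11.0.0", "11.3.1")]),
    "next.js":  ("CVE-2025-29927", [("0", "14.2.25"), ("15.0.0", "15.2.3")]),
    "glpi":     ("CVE-2025-24799", [("10.0.0", "10.0.18")]),
    "pgadmin4": ("CVE-2025-2945", [("8.10", "9.2")]),
}


def version_key(version: str) -> Tuple[int, ...]:
    """Turn a dotted version into a comparable tuple of ints.

    A plain string comparison gets this wrong ("8.10" < "8.9" is True as
    strings), which matters for the pgAdmin range above. Any pre-release or
    build suffix after '-' or '+' is dropped, a simplification that treats
    e.g. 11.3.1-rc1 as 11.3.1.
    """
    core = re.split(r"[-+]", version, maxsplit=1)[0]
    parts = re.findall(r"\d+", core)
    if not parts:
        raise ValueError(f"unparseable version: {version!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (4 - len(nums))  # pad so that 11.3 == 11.3.0


def is_affected(product: str, version: str) -> bool:
    """True if `version` of `product` falls inside any stated affected range."""
    _, ranges = AFFECTED[product.lower()]
    key = version_key(version)
    return any(version_key(lo) <= key < version_key(hi) for lo, hi in ranges)


# Constructed sample inventory: hostnames and versions are invented for this example.
INVENTORY = [
    ("files-01", "crushftp", "11.2.3"),
    ("files-02", "crushftp", "11.3.1"),
    ("web-01",   "next.js",  "15.2.2"),
    ("web-02",   "next.js",  "14.2.25"),
    ("itsm-01",  "glpi",     "10.0.17"),
    ("dba-01",   "pgadmin4", "8.10"),
    ("dba-02",   "pgadmin4", "9.2"),
]


def triage(inventory) -> List[Tuple[str, str, str, str]]:
    """Return (host, product, version, cve) for every inventory row still affected."""
    hits = []
    for host, product, version in inventory:
        if product.lower() not in AFFECTED:
            continue  # product not covered by the assessments encoded above
        if is_affected(product, version):
            hits.append((host, product, version, AFFECTED[product.lower()][0]))
    return hits


if __name__ == "__main__":
    for host, product, version, cve in triage(INVENTORY):
        print(f"{host}: {product} {version} is in the affected range for {cve}")
```

The fixed versions are used as exclusive upper bounds, so a host already on 11.3.1, 14.2.25, 10.0.18 or 9.2 is reported clean while the last affected release of each branch is still flagged. Treat the result as a starting point: the suffix-dropping in `version_key` is deliberately simple, and vendor builds that carry a backported fix under an older version number will still show up as affected.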
New assessment for topic: CVE-2024-12971

Topic description: "Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection. This issue affects Pandora FMS from 700 to 777.6 ..."

"This is an RCE similar to [CVE-2024-12992](https://attackerkb.com/topics/Aua29E9XcB/cve-2024-12992) but now in the `Chromium-path` and `Phantomjs-bin` directory settings in the Pandora FMS application. ..."

Link: https://attackerkb.com/assessments/bc5c36bb-8560-42e1-b19f-aa247fdb3d8a
New assessment for topic: CVE-2024-12992

Topic description: "Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection via RCE ..."

"I found an RCE in the goTTY QuickShell implementation that was, according to the documentation, introduced in Pandora FMS version 774. ..."

Link: https://attackerkb.com/assessments/047449bc-986d-481f-a8b3-c2b3b8d579d6
New assessment for topic: CVE-2025-24813

Topic description: "Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. ..."

"On March 10, 2025, the Apache Software Foundation [published](https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq) an advisory for [CVE-2025-24813](https://nvd.nist.gov/vuln/detail/CVE-2025-24813), an unauthenticated remote code execution vulnerability in Apache Tomcat’s “partial PUT” feature ..."

Link: https://attackerkb.com/assessments/1a24556d-24fb-4017-be67-e4ab39c76566
New assessment for topic: CVE-2019-1068

Topic description: "A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'. ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/62a5a5b7-5f8f-47c8-a46d-ef32f994d28d
New assessment for topic: CVE-2024-30085

Topic description: "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability ..."

"CVE-2024-30085 is a heap-based buffer overflow in the Windows Cloud Filter Mini Driver ..."

Link: https://attackerkb.com/assessments/7bdbab3a-f30c-46b2-ac66-e399624eb6d7
New assessment for topic: CVE-2024-43451

Topic description: "NTLM Hash Disclosure Spoofing Vulnerability ..."

"CVE-2024-43451 is a Windows NTLM hash disclosure vulnerability categorized as a 'spoofing' flaw that affects all supported Microsoft Windows versions, including Windows 10, Windows 11, and Windows Server editions. ..."

Link: https://attackerkb.com/assessments/f3043ff4-f3e9-4120-a46d-16868c8e27f9
New assessment for topic: CVE-2024-55555

Topic description: "Invoice Ninja before 5.10.43 allows remote code execution from a pre-authenticated route when an attacker knows the APP_KEY ..."

"Laravel PHP applications can be exploited due to bad implementations of decryption mechanisms ..."

Link: https://attackerkb.com/assessments/bed328ac-6982-4a75-95f5-170ff0ea894d
New assessment for topic: CVE-2025-27218

Topic description: "Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization. ..."

"On January 6, 2025, Sitecore published a security bulletin, [SC2024-002-624693](https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003535), for a critical unauthenticated remote code execution (RCE) vulnerability affecting the products Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 ..."

Link: https://attackerkb.com/assessments/54a61ef3-00e8-47cf-a4d0-c36950f2e373
New assessment for topic: CVE-2025-0282

Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution. ..."

"Microsoft released a report observing a state-sponsored actor called Silk Typhoon abusing this vulnerability, hence we added the tag to reflect this ..."

Link: https://attackerkb.com/assessments/8dd72440-c8b5-41bb-a6c4-2396ca7e2f02