CVE Trends
BetaUpdated 17 minutes ago
FeedsTop 10 CVEs trending on social media within the last 24 hours.
When the Hypemeter is low, rankings become less reliable due to limited online discussion.Trending
Hype score
Published
Description
Last 24 hours
- show more detail1CVE-2025-23114
critical 9.0
9
Feb 5, 2025
A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate.
- show more detail2CVE-2024-46982
high 7.5
6
Sep 17, 2024
Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router (this does not affect the app router). When this crafted request is sent it could coerce Next.js to cache a route that is meant to not be cached and send a `Cache-Control: s-maxage=1, stale-while-revalidate` header which some upstream CDNs may cache as well. To be potentially affected all of the following must apply: 1. Next.js between 13.5.1 and 14.2.9, 2. Using pages router, & 3. Using non-dynamic server-side rendered routes e.g. `pages/dashboard.tsx` not `pages/blog/[slug].tsx`. This vulnerability was resolved in Next.js v13.5.7, v14.2.10, and later. We recommend upgrading regardless of whether you can reproduce the issue or not. There are no official or recommended workarounds for this issue, we recommend that users patch to a safe version.
- show more detail3CVE-2025-0411
high 7.0
6
Jan 25, 2025
CVE-2025-0411 is a vulnerability found in the 7-Zip file archiver that allows attackers to bypass the Mark-of-the-Web (MOTW) security feature in Windows. This vulnerability enables attackers to create specially crafted archives. When these archives are extracted using a vulnerable version of 7-Zip, the extracted files do not inherit the MOTW attribute, which normally marks files downloaded from the internet as potentially unsafe. This bypass allows malicious code within the extracted files to execute without triggering the usual security warnings associated with MOTW. Exploiting this vulnerability requires user interaction: a user must either open a malicious file or visit a webpage that triggers the download and extraction of a malicious archive. The vulnerability was addressed in 7-Zip version 24.09, released on November 29, 2024. A proof-of-concept exploit has been publicly released as of January 27, 2025.
- show more detail4CVE-2025-20124
critical 9.9
4
Feb 5, 2025
A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. This vulnerability is due to insecure deserialization of user-supplied Java byte streams by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object to an affected API. A successful exploit could allow the attacker to execute arbitrary commands on the device and elevate privileges. Note: To successfully exploit this vulnerability, the attacker must have valid read-only administrative credentials. In a single-node deployment, new devices will not be able to authenticate during the reload time.
- show more detail5CVE-2023-40547
high 8.3
4
Jan 25, 2024
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully.
- show more detail6CVE-2025-21293
high 8.8
3
Jan 14, 2025
CVE-2025-21293 is an elevation of privilege vulnerability in Microsoft Active Directory Domain Services. It allows attackers to gain elevated privileges on a system where they already have user-level access. The vulnerability stems from overly permissive access control lists (ACLs) associated with certain registry keys. Specifically, the "Network Configuration Operators" group has the "CreateSubKey" permission on sensitive registry keys. Exploitation of this vulnerability involves manipulating these registry keys, particularly those related to performance counters, to escalate privileges. This vulnerability was discovered by BirkeP while investigating the "Network Configuration Operators" group and its permissions within the registry. The researcher collaborated with Clément Labro, who developed a method to weaponize performance counters for exploitation.
- show more detail7CVE-2025-21415
critical 9.9
1
Jan 29, 2025
CVE-2025-21415 is an authentication bypass vulnerability due to spoofing, affecting Microsoft's Azure AI Face Service. An attacker who already has authorization could exploit this flaw to gain elevated privileges on the network. Microsoft has acknowledged the existence of proof-of-concept exploit code for this vulnerability. While the specific details of the vulnerability have not been publicly disclosed, it involves a discrepancy in how the Azure AI Face service analyzes and processes images. Microsoft has addressed the vulnerability without requiring any action from customers. The fix was deployed, and the vulnerability mitigated by February 4, 2025.
- show more detail8CVE-2024-53104
high 7.8
Exploit known
1
Dec 2, 2024
CVE-2024-53104 is a privilege escalation vulnerability found in the Android kernel's USB Video Class (UVC) driver. This driver is primarily used for handling USB cameras and similar video sources. The vulnerability arises from improper parsing of specifically crafted video frames, leading to a memory corruption issue. This could allow an attacker to write to memory locations they shouldn't have access to. Exploitation of this vulnerability could allow for local privilege escalation, potentially enabling a malicious app or specially crafted hardware to gain control of a vulnerable Android device. Google has acknowledged that there are indications of limited, targeted exploitation of this vulnerability. A patch for this vulnerability was incorporated into the open-source kernel at the end of 2024 and is included in the February 2025 Android security update.
- show more detail9CVE-2024-56161
high 7.2
1
Feb 3, 2025
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.
- show more detail10
1
Feb 6, 2025
Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols.