
The SOS Intelligence CVE Chatter Weekly Top Ten – 24 March 2025


This weekly blog post is generated via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!


1. CVE-2024-35250

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

https://nvd.nist.gov/vuln/detail/CVE-2024-35250


2. CVE-2024-38144

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

https://nvd.nist.gov/vuln/detail/CVE-2024-38144


3. CVE-2020-35848

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function.

https://nvd.nist.gov/vuln/detail/CVE-2020-35848


4. CVE-2020-35846

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.

https://nvd.nist.gov/vuln/detail/CVE-2020-35846


5. CVE-2021-23337

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

https://nvd.nist.gov/vuln/detail/CVE-2021-23337


6. CVE-2020-35847

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function.

https://nvd.nist.gov/vuln/detail/CVE-2020-35847


7. CVE-2024-5630

The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.

https://nvd.nist.gov/vuln/detail/CVE-2024-5630


8. CVE-2024-24725

Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.

https://nvd.nist.gov/vuln/detail/CVE-2024-24725


9. CVE-2025-24813

Path Equivalence: ‘file.Name’ (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.

If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
– writes enabled for the default servlet (disabled by default)
– support for partial PUT (enabled by default)
– a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
– attacker knowledge of the names of security sensitive files being uploaded
– the security sensitive files also being uploaded via partial PUT

If all of the following were true, a malicious user was able to perform remote code execution:
– writes enabled for the default servlet (disabled by default)
– support for partial PUT (enabled by default)
– application was using Tomcat’s file based session persistence with the default storage location
– application included a library that may be leveraged in a deserialization attack

Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.

https://nvd.nist.gov/vuln/detail/CVE-2025-24813
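The two preconditions shared by both scenarios above (writes enabled for the default servlet, partial PUT support) live in a Tomcat deployment descriptor. This added check, not part of the original post, reads a web.xml and reports whether those preconditions hold; it assumes the init-param names `readonly` and `allowPartialPut` as documented for Tomcat's DefaultServlet, and the sample web.xml is constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample deployment descriptor (not from the page): a default
# servlet with writes switched on and allowPartialPut left at its default.
SAMPLE_WEB_XML = """<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>"""

DEFAULT_SERVLET = "org.apache.catalina.servlets.DefaultServlet"


def default_servlet_params(web_xml: str) -> dict:
    """Return the init-params of the DefaultServlet declaration, or {} if absent."""
    root = ET.fromstring(web_xml)
    # Strip the XML namespace so tag matching does not depend on the declared URI.
    for el in root.iter():
        if "}" in el.tag:
            el.tag = el.tag.split("}", 1)[1]
    for servlet in root.iter("servlet"):
        if servlet.findtext("servlet-class", "").strip() != DEFAULT_SERVLET:
            continue
        params = {}
        for ip in servlet.findall("init-param"):
            name = ip.findtext("param-name", "").strip()
            params[name] = ip.findtext("param-value", "").strip().lower()
        return params
    return {}


def assess(web_xml: str) -> dict:
    """Evaluate the two preconditions named in the advisory text above.

    Tomcat defaults (assumed from its DefaultServlet docs): readonly=true,
    allowPartialPut=true, so a missing readonly is safe and a missing
    allowPartialPut is not.
    """
    p = default_servlet_params(web_xml)
    writes_enabled = p.get("readonly", "true") == "false"
    partial_put = p.get("allowPartialPut", "true") != "false"
    return {
        "writes_enabled": writes_enabled,
        "partial_put": partial_put,
        "preconditions_met": writes_enabled and partial_put,
    }
```

A result with `preconditions_met` true means the instance still needs the version upgrade named above, or `readonly` set back to true, before it can be considered out of scope for this issue.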


10. CVE-2025-1128

The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, read, and deletion due to missing file type and path validation in the ‘format’ method of the EVF_Form_Fields_Upload class in all versions up to, and including, 3.0.9.4. This makes it possible for unauthenticated attackers to upload, read, and delete arbitrary files on the affected site’s server which may make remote code execution, sensitive information disclosure, or a site takeover possible.

https://nvd.nist.gov/vuln/detail/CVE-2025-1128
