This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.
There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.
We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.
If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!
1. CVE-2024-35250
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2024-35250
2. CVE-2024-38144
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2024-38144
3. CVE-2020-35848
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function.
https://nvd.nist.gov/vuln/detail/CVE-2020-35848
4. CVE-2020-35846
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.
https://nvd.nist.gov/vuln/detail/CVE-2020-35846
5. CVE-2021-23337
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
https://nvd.nist.gov/vuln/detail/CVE-2021-23337
6. CVE-2020-35847
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function.
https://nvd.nist.gov/vuln/detail/CVE-2020-35847
7. CVE-2024-5630
The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.
https://nvd.nist.gov/vuln/detail/CVE-2024-5630
8. CVE-2024-24725
Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.
https://nvd.nist.gov/vuln/detail/CVE-2024-24725
9. CVE-2025-24813
Path Equivalence: ‘file.Name’ (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
– writes enabled for the default servlet (disabled by default)
– support for partial PUT (enabled by default)
– a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
– attacker knowledge of the names of security sensitive files being uploaded
– the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malicious user was able to perform remote code execution:
– writes enabled for the default servlet (disabled by default)
– support for partial PUT (enabled by default)
– application was using Tomcat’s file based session persistence with the default storage location
– application included a library that may be leveraged in a deserialization attack
Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.
https://nvd.nist.gov/vuln/detail/CVE-2025-24813
10. CVE-2025-1128
The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, read, and deletion due to missing file type and path validation in the ‘format’ method of the EVF_Form_Fields_Upload class in all versions up to, and including, 3.0.9.4. This makes it possible for unauthenticated attackers to upload, read, and delete arbitrary files on the affected site’s server which may make remote code execution, sensitive information disclosure, or a site takeover possible.
https://nvd.nist.gov/vuln/detail/CVE-2025-1128