-bab6d4ce.png)
CyberAlerts provides a trusted catalog of vulnerabilities known to be exploited in the wild, drawing from many sources, including CISA KEV. Organizations can use this catalog to better prioritize and manage vulnerabilities in response to real-world threat activity. Further information here.
Displaying vulnerabilities 21 - 30 of 77 in total
CVE-2024-20439 |
Description: A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential.
This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application.
CVSS: CRITICAL (9.8) EPSS Score: 89.39% SSVC Exploitation: active
March 21st, 2025 (28 days ago)
|
|
CVE-2025-30259 |
Description: The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties, as exploited in the wild in 2024 for installation of Android malware associated with BIGPRETZEL.
CVSS: LOW (3.5) EPSS Score: 0.03%
March 20th, 2025 (29 days ago)
|
|
CVE-2024-48248 |
Description: NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials).
CVSS: HIGH (8.6) EPSS Score: 90.8%
March 19th, 2025 (29 days ago)
|
|
CVE-2025-30066 |
Description: tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were not originally affected, but were modified by a threat actor to point at commit 0e58ed8, which contains the malicious updateFeatures code.)
CVSS: HIGH (8.6) EPSS Score: 63.87%
March 18th, 2025 (about 1 month ago)
|
|
CVE-2025-24472 |
Description: An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
CVSS: HIGH (8.1) EPSS Score: 0.04%
March 18th, 2025 (about 1 month ago)
|
|
CVE-2025-24813 |
Description: Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malicious user was able to perform remote code execution:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- application was using Tomcat's file based session persistence with the default storage location
- application included a library that may be leveraged in a deserialization attack
Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.98, which fixes the issue.
CVSS: CRITICAL (9.8) EPSS Score: 93.55%
March 17th, 2025 (about 1 month ago)
|
|
CVE-2025-1316 |
Description: Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device
CVSS: CRITICAL (9.3) EPSS Score: 50.61%
March 17th, 2025 (about 1 month ago)
|
|
CVE-2025-21590 |
Description: An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.
A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.
This issue is not exploitable from the Junos CLI.
This issue affects Junos OS:
* All versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R1-S2, 24.2R2.
CVSS: MEDIUM (4.4) EPSS Score: 5.1% SSVC Exploitation: none
March 13th, 2025 (about 1 month ago)
|
|
CVE-2025-24983 |
Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.0) EPSS Score: 1.91% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
|
|
CVE-2025-24984 |
Description: Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
CVSS: MEDIUM (4.6) EPSS Score: 19.24% SSVC Exploitation: active
March 11th, 2025 (about 1 month ago)
|