-bab6d4ce.png)
CyberAlerts provides a trusted catalog of vulnerabilities known to be exploited in the wild, drawing from many sources, including CISA KEV. Organizations can use this catalog to better prioritize and manage vulnerabilities in response to real-world threat activity. Further information here.
Displaying vulnerabilities 81 - 90 of 131 in total
CVE-2025-1316 |
Description: Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device
CVSS: CRITICAL (9.3) EPSS Score: 50.61%
March 17th, 2025 (4 months ago)
|
|
CVE-2025-21590 |
Description: An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.
A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.
This issue is not exploitable from the Junos CLI.
This issue affects Junos OS:
* All versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R1-S2, 24.2R2.
CVSS: MEDIUM (4.4) EPSS Score: 5.1% SSVC Exploitation: none
March 13th, 2025 (4 months ago)
|
|
CVE-2025-24991 |
Description: Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
CVSS: MEDIUM (5.5) EPSS Score: 2.97% SSVC Exploitation: active
March 11th, 2025 (4 months ago)
|
|
CVE-2025-24985 |
Description: Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 9.81% SSVC Exploitation: active
March 11th, 2025 (4 months ago)
|
|
CVE-2025-24993 |
Description: Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 4.05% SSVC Exploitation: active
March 11th, 2025 (4 months ago)
|
|
CVE-2025-24984 |
Description: Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
CVSS: MEDIUM (4.6) EPSS Score: 19.24% SSVC Exploitation: active
March 11th, 2025 (4 months ago)
|
|
CVE-2025-24983 |
Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.0) EPSS Score: 1.91% SSVC Exploitation: active
March 11th, 2025 (4 months ago)
|
|
CVE-2025-25181 |
Description: A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter.
CVSS: MEDIUM (5.8) EPSS Score: 0.05%
March 10th, 2025 (4 months ago)
|
|
CVE-2024-57968 |
Description: Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users). upload.aspx can be used for this.
CVSS: CRITICAL (9.9) EPSS Score: 0.05%
March 10th, 2025 (4 months ago)
|
|
CVE-2024-13160 |
Description: Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
March 10th, 2025 (4 months ago)
|