CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
🚨 Marked as known exploited on July 17th, 2025 (about 3 hours ago).
Description: A vulnerability disclosed in May 2025, CVE-2025-48927, affects certain deployments of TeleMessageTM SGNL. If exposed, this endpoint can return a full snapshot of heap memory which may include plaintext usernames, passwords, and other sensitive data.
CVSS: MEDIUM (5.3)
July 17th, 2025 (about 3 hours ago)
|
CVE-2024-0769 |
🚨 Marked as known exploited on June 25th, 2025 (22 days ago).
Description: ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hedwig.cgi of the component HTTP POST Request Handler. The manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251666 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. Eine kritische Schwachstelle wurde in D-Link DIR-859 1.06B01 ausgemacht. Es geht hierbei um eine nicht näher spezifizierte Funktion der Datei /hedwig.cgi der Komponente HTTP POST Request Handler. Durch Manipulieren des Arguments service mit der Eingabe ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (5.3) EPSS Score: 73.09% SSVC Exploitation: active
June 25th, 2025 (22 days ago)
|
|
CVE-2025-43200 |
🚨 Marked as known exploited on June 16th, 2025 (about 1 month ago).
Description: This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
CVSS: MEDIUM (4.8) EPSS Score: 0.63%
June 16th, 2025 (about 1 month ago)
|
|
CVE-2025-43200 |
🚨 Marked as known exploited on June 16th, 2025 (about 1 month ago).
Description: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2025-43200 Apple Multiple Products Unspecified Vulnerability
CVE-2023-33538 TP-Link Multiple Routers Command Injection Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CVSS: MEDIUM (4.8) EPSS Score: 0.63%
June 16th, 2025 (about 1 month ago)
|
|
🚨 Marked as known exploited on June 13th, 2025 (about 1 month ago).
Description: Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks.
The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1,
CVSS: MEDIUM (4.8) EPSS Score: 0.63%
June 13th, 2025 (about 1 month ago)
|
|
CVE-2025-48929 |
🚨 Marked as known exploited on May 28th, 2025 (about 2 months ago).
Description: The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiration time) that can be reused at a later date if discovered by an adversary, as exploited in the wild in May 2025.
CVSS: MEDIUM (4.0) EPSS Score: 0.04%
May 28th, 2025 (about 2 months ago)
|
|
CVE-2025-48928 |
🚨 Marked as known exploited on May 28th, 2025 (about 2 months ago).
Description: The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
CVSS: MEDIUM (4.0) EPSS Score: 0.02% SSVC Exploitation: none
May 28th, 2025 (about 2 months ago)
|
|
CVE-2025-48927 |
🚨 Marked as known exploited on May 28th, 2025 (about 2 months ago).
Description: The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.
CVSS: MEDIUM (5.3) EPSS Score: 0.04% SSVC Exploitation: none
May 28th, 2025 (about 2 months ago)
|
|
CVE-2025-48926 |
🚨 Marked as known exploited on May 28th, 2025 (about 2 months ago).
Description: The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers, as exploited in the wild in May 2025.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 28th, 2025 (about 2 months ago)
|
|
CVE-2025-48925 |
🚨 Marked as known exploited on May 28th, 2025 (about 2 months ago).
Description: The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential, as exploited in the wild in May 2025.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
May 28th, 2025 (about 2 months ago)
|