CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-25150	Directory Listings WordPress uListing plugin <= 2.1.6 - SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix uListing allows Blind SQL Injection. This issue affects uListing: from n/a through 2.1.6. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-1875	SQL injection vulnerability in 101news Description: SQL injection vulnerability have been found in 101news affecting version 1.0 through the "searchtitle" parameter in search.php. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-1874	SQL injection vulnerability in 101news Description: SQL injection vulnerability have been found in 101news affecting version 1.0 through the "description" parameter in admin/add-category.php. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-1873	SQL injection vulnerability in 101news Description: SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagetitle" and "pagedescription" parameters in admin/contactus.php. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-1872	SQL injection vulnerability in 101news Description: SQL injection vulnerability have been found in 101news affecting version 1.0 through the "sadminusername" parameter in admin/add-subadmins.php. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-1871	SQL injection vulnerability in 101news Description: SQL injection vulnerability have been found in 101news affecting version 1.0 through the "category" and "subcategory" parameters in admin/add-subcategory.php. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-1870	SQL injection vulnerability in 101news Description: SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagedescription" parameter in admin/aboutus.php. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-1869	SQL injection vulnerability in 101news Description: SQL injection vulnerability have been found in 101news affecting version 1.0 through the "username" parameter in admin/check_avalability.php. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-1867	HTTP Response Smuggling Vulnerability in libhv Description: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3. CVSS: CRITICAL (10.0) EPSS Score: 0.05% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-1866	Undefined Behavior Due to Out-of-Bounds Pointer Arithmetic in libwebsockets Description: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32 platform. By default, the affected code is not executed unless one of the following conditions is met: LWS_WITHOUT_EXTENSIONS (default ON) is manually set to OFF in CMake. LWS_WITH_HTTP_STREAM_COMPRESSION (default OFF) is manually set to ON in CMake. Despite these conditions, when triggered in affected configurations, this vulnerability may allow attackers to manipulate pointers, potentially leading to memory corruption or unexpected behavior. CVSS: CRITICAL (10.0) EPSS Score: 0.05% Source: CVE March 3rd, 2025 (4 months ago)