CVE-2025-2005
Description: The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registration form in all versions up to, and including, 3.2.32. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVSS: CRITICAL (9.8) EPSS Score: 0.08%
April 2nd, 2025 (3 months ago)

CVE-2025-0415
Description: A remote attacker with web administrator privileges can exploit the device’s web interface to execute arbitrary system commands through the NTP settings. Successful exploitation may result in the device entering an infinite reboot loop, leading to a total or partial denial of connectivity for downstream systems that rely on its network services.
CVSS: CRITICAL (9.2) EPSS Score: 0.18%
April 2nd, 2025 (3 months ago)

CVE-2025-30356
Description: CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists in the Crypto_TC_ApplySecurity function due to an incomplete validation check on the fl (frame length) field. Although CVE-2025-29912 addressed an underflow issue involving fl, the patch fails to fully prevent unsafe calculations. As a result, an attacker can still craft malicious frames that cause a negative tf_payload_len, which is then interpreted as a large unsigned value, leading to a heap buffer overflow in a memcpy call.
CVSS: CRITICAL (9.3) EPSS Score: 0.06%
April 1st, 2025 (3 months ago)

CVE-2025-31612
Description: Deserialization of Untrusted Data vulnerability in Sabuj Kundu CBX Poll allows Object Injection. This issue affects CBX Poll: from n/a through 1.2.7.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
April 1st, 2025 (3 months ago)

CVE-2025-31579
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in EXEIdeas International WP AutoKeyword allows SQL Injection. This issue affects WP AutoKeyword: from n/a through 1.0.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)

CVE-2025-31553
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting allows SQL Injection. This issue affects Advanced WooCommerce Product Sales Reporting: from n/a through 3.1.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)

CVE-2025-31552
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in davidfcarr RSVPMarker allows SQL Injection. This issue affects RSVPMarker: from n/a through 11.4.8.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)

CVE-2025-31551
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms allows SQL Injection. This issue affects Salesmate Add-On for Gravity Forms: from n/a through 2.0.3.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)

CVE-2025-31534
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shopperdotcom Shopper allows SQL Injection. This issue affects Shopper: from n/a through 3.2.5.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)

CVE-2025-31531
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in click5 History Log by click5 allows SQL Injection. This issue affects History Log by click5: from n/a through 1.0.13.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
April 1st, 2025 (3 months ago)