CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

CVE-2024-32055

Description: A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process.

CVSS: HIGH (7.8)

EPSS Score: 0.03%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-26010

Description: A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows an attacker to execute unauthorized code or commands via specially crafted packets.

CVSS: HIGH (7.5)

EPSS Score: 0.07%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2025-2170

Description: A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location. IMPORTANT: SonicWall PSIRT strongly advises users of the SMA1000 product to upgrade to the latest hotfix release version to address the vulnerability. Please note that SonicWall Firewall and SMA 100 series products are not affected by this vulnerability. CVE: CVE-2025-2170. Last updated: April 30, 2025, 2:26 p.m.

CVSS: HIGH (7.2)

EPSS Score: 0.03%

Source: SonicWall Security Advisories
May 1st, 2025 (about 2 months ago)

Description: Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access. "This activity has affected a small number of customers we have in common with Microsoft, and we are working with those customers to provide assistance," the company

CVSS: HIGH (8.8)

EPSS Score: 15.08%

Source: TheHackerNews
May 1st, 2025 (about 2 months ago)

CVE-2025-4148

Description: A vulnerability was found in Netgear EX6200 1.0.3.94 and classified as critical. Affected by this issue is the function sub_503FC. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS: HIGH (8.7)

EPSS Score: 0.2%

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2025-4147

Description: A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. Affected by this vulnerability is the function sub_47F7C. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS: HIGH (8.8)

EPSS Score: 0.2%

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2025-4146

Description: A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Affected is the function sub_41940. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS: HIGH (8.8)

EPSS Score: 0.2%

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2025-2816

Description: The Page View Count plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the yellow_message_dontshow() function in versions 2.8.0 to 2.8.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to one on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration.

CVSS: HIGH (8.1)

EPSS Score: 0.04%

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2025-4142

Description: A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub_3C8EC. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS: HIGH (8.8)

EPSS Score: 0.2%

Source: CVE
April 30th, 2025 (about 2 months ago)

CVE-2025-4141

Description: A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. This affects the function sub_3C03C. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS: HIGH (8.7)

EPSS Score: 0.2%

Source: CVE
April 30th, 2025 (about 2 months ago)