CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-1073 |
Description: Panasonic IR Control Hub (IR Blaster) versions 1.17 and earlier may allow an attacker with physical access to load unauthorized firmware onto the device.
CVSS: HIGH (7.5) EPSS Score: 0.02%
April 10th, 2025 (3 months ago)
|
|
CVE-2025-27350 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hugh Mungus Vice Versa allows Reflected XSS.This issue affects Vice Versa: from n/a through 2.2.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 10th, 2025 (3 months ago)
|
|
CVE-2025-23386 |
Description: A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows the service user gerbera to escalate to root.,This issue affects gerbera on openSUSE Tumbleweed before 2.5.0-1.1.
CVSS: HIGH (7.8) EPSS Score: 0.01%
April 10th, 2025 (3 months ago)
|
|
CVE-2025-32687 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magnigenie Review Stars Count For WooCommerce allows SQL Injection. This issue affects Review Stars Count For WooCommerce: from n/a through 2.0.
CVSS: HIGH (8.5) EPSS Score: 0.03%
April 10th, 2025 (3 months ago)
|
|
CVE-2025-32668 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3.
CVSS: HIGH (8.1) EPSS Score: 0.15%
April 10th, 2025 (3 months ago)
|
|
CVE-2025-32160 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashan Perera EventON. This issue affects EventON: from n/a through 2.3.2.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 10th, 2025 (3 months ago)
|
|
CVE-2025-32158 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in aThemes aThemes Addons for Elementor. This issue affects aThemes Addons for Elementor: from n/a through 1.0.15.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 10th, 2025 (3 months ago)
|
|
CVE-2025-32145 |
Description: Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object Injection. This issue affects WpEvently: from n/a through 4.3.5.
CVSS: HIGH (8.8) EPSS Score: 0.05%
April 10th, 2025 (3 months ago)
|
|
CVE-2025-32128 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in aaronfrey Nearby Locations allows SQL Injection. This issue affects Nearby Locations: from n/a through 1.1.1.
CVSS: HIGH (7.6) EPSS Score: 0.04%
April 10th, 2025 (3 months ago)
|
|
CVE-2025-32119 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CardGate CardGate Payments for WooCommerce allows Blind SQL Injection. This issue affects CardGate Payments for WooCommerce: from n/a through 3.2.1.
CVSS: HIGH (8.2) EPSS Score: 0.03%
April 10th, 2025 (3 months ago)
|