CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-29987 |
Description: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges.
CVSS: HIGH (8.8) EPSS Score: 0.07% SSVC Exploitation: none
April 3rd, 2025 (3 months ago)
|
|
CVE-2025-3161 |
Description: A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Eine kritische Schwachstelle wurde in Tenda AC10 16.03.10.13 gefunden. Dies betrifft die Funktion ShutdownSetAdd der Datei /goform/ShutdownSetAdd. Mit der Manipulation des Arguments list mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.
CVSS: HIGH (8.7) EPSS Score: 0.06% SSVC Exploitation: none
April 3rd, 2025 (3 months ago)
|
|
CVE-2025-31909 |
Description: Missing Authorization vulnerability in NotFound Apptivo Business Site CRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Apptivo Business Site CRM: from n/a through 5.3.
CVSS: HIGH (7.5) EPSS Score: 0.05%
April 3rd, 2025 (3 months ago)
|
|
CVE-2025-31907 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Labib Ahmed Team Builder allows Reflected XSS. This issue affects Team Builder: from n/a through 1.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 3rd, 2025 (3 months ago)
|
|
CVE-2025-31905 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Team Rosters allows Reflected XSS. This issue affects Team Rosters: from n/a through 4.7.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 3rd, 2025 (3 months ago)
|
|
CVE-2025-31903 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound XV Random Quotes allows Reflected XSS. This issue affects XV Random Quotes: from n/a through 1.37.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 3rd, 2025 (3 months ago)
|
|
CVE-2025-31902 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Social Share And Social Locker allows Reflected XSS. This issue affects Social Share And Social Locker: from n/a through 1.4.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 3rd, 2025 (3 months ago)
|
|
CVE-2025-31901 |
WordPress Digihood HTML Sitemap Plugin <= 3.1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digihood Digihood HTML Sitemap allows Reflected XSS. This issue affects Digihood HTML Sitemap: from n/a through 3.1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 3rd, 2025 (3 months ago)
|
|
CVE-2025-31900 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lexicata Lexicata allows Reflected XSS. This issue affects Lexicata: from n/a through 1.0.16.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 3rd, 2025 (3 months ago)
|
|
CVE-2025-31899 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpshopee Awesome Logos allows Reflected XSS. This issue affects Awesome Logos: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 3rd, 2025 (3 months ago)
|