CVE-2024-0763 |
Description: Any user can delete an arbitrary folder (recursively) on a remote server due to bad input sanitization leading to path traversal. The attacker would need access to the server at some privilege level since this endpoint is protected and requires authorization.
CVSS: HIGH (8.1) EPSS Score: 0.62% SSVC Exploitation: poc
March 27th, 2025 (3 months ago)
|
CVE-2024-0436 |
Description: Theoretically, it would be possible for an attacker to brute-force the password for an instance in single-user password protection mode via a timing attack given the linear nature of the `!==` used for comparison.
The risk is reduced by the additional overhead of the request, which varies in a non-constant manner, making the attack less reliable to execute.
CVSS: HIGH (7.1) EPSS Score: 0.16% SSVC Exploitation: none
March 27th, 2025 (3 months ago)
|
CVE-2024-45356 |
Description: An unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to access sensitive methods.
CVSS: HIGH (7.3) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|
CVE-2024-45352 |
Description: A code execution vulnerability exists in the Xiaomi smarthome application product. The vulnerability is caused by improper input validation and can be exploited by attackers to execute malicious code.
CVSS: HIGH (8.8) EPSS Score: 0.02%
March 27th, 2025 (3 months ago)
|
CVE-2025-20229 |
Description: In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108, 9.2.2403.114, and 9.1.2312.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) through a file upload to the "$SPLUNK_HOME/var/run/splunk/apptemp" directory due to missing authorization checks.
CVSS: HIGH (8.0) EPSS Score: 0.07%
March 26th, 2025 (3 months ago)
|
CVE-2025-2837 |
Description: Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of HTTP requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23245.
CVSS: HIGH (8.8) EPSS Score: 0.1%
March 26th, 2025 (3 months ago)
|
CVE-2025-2787 |
Description: KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 (a.k.a. IngressNightmare) vulnerability, which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. it requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.
Besides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub:
* 1.13.3 or above
* 1.12.4 or above
* 1.11.4 or above
* 1.10.4 or above
CVSS: HIGH (8.7) EPSS Score: 0.05%
March 26th, 2025 (3 months ago)
|
CVE-2025-20231 |
Description: In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search using the permissions of a higher-privileged user, which could lead to disclosure of sensitive information. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated low-privileged user should not be able to exploit the vulnerability at will.
CVSS: HIGH (7.1) EPSS Score: 0.03%
March 26th, 2025 (3 months ago)
|
CVE-2025-30353 |
Description:
Describe the Bug
In Directus, when a Flow with the "Webhook" trigger and the "Data of Last Operation" response body encounters a ValidationError thrown by a failed condition operation, the API response includes sensitive data. This includes environmental variables, sensitive API keys, user accountability information, and operational data.
This issue poses a significant security risk, as any unintended exposure of this data could lead to potential misuse.
To Reproduce
Steps to Reproduce:
* Create a Flow in Directus with:
  * Trigger: Webhook
  * Response Body: Data of Last Operation
* Add a condition that is likely to fail.
* Trigger the Flow with any input data that will fail the condition.
* Observe the API response, which includes sensitive information like:
  * Environmental variables ($env)
  * Authorization headers
  * User details under $accountability
  * Previous operational data.
Expected Behavior:
In the event of a ValidationError, the API response should only contain relevant error messages and details, avoiding the exposure of sensitive data.
Actual Behavior:
The API response includes sensitive information such as:
* Environment keys (FLOWS_ENV_ALLOW_LIST)
* User accountability (role, user, etc.)
* Operational logs (current_payments, $last), which might contain private details.
References
https://github.com/directus/directus/security/advisories/GHSA-fm3h-p9wm-h74h
https://nvd.nist.gov/vuln/detail/CVE-2025-30353
https://github.com/advisories/GHSA-fm3h-p9wm-h74h
CVSS: HIGH (8.6) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
CVE-2019-9875 |
Description: Sitecore CMS and Experience Platform (XP) contain a deserialization vulnerability in the Sitecore.Security.AntiCSRF module that allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter __CSRFTOKEN.
CVSS: HIGH (8.8)
March 26th, 2025 (3 months ago)
|