CVE-2025-25711 |
Description: An issue in dtp.ae tNexus Airport View v.2.8 allows a remote attacker to escalate privileges via the ProfileID value sent to the [/tnexus/rest/admin/updateUser] API endpoint.
CVSS: HIGH (8.8) EPSS Score: 0.1% SSVC Exploitation: none
March 12th, 2025 (4 months ago)
|
CVE-2025-1683 |
Description: Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links.
CVSS: HIGH (7.8) EPSS Score: 0.02%
March 12th, 2025 (4 months ago)
|
CVE-2025-0884 |
Description: Unquoted Search Path or Element vulnerability in OpenText™ Service Manager.
The vulnerability could allow a user to gain SYSTEM privileges through Privilege Escalation.
This issue affects Service Manager: 9.70, 9.71, 9.72.
CVSS: HIGH (7.3) EPSS Score: 0.01%
March 12th, 2025 (4 months ago)
|
CVE-2025-0813 |
Description: CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an unauthorized user without permission rights has physical access to the EPAS-UI computer and is able to reboot the workstation and interrupt the normal boot process.
CVSS: HIGH (7.0) EPSS Score: 0.03%
March 12th, 2025 (4 months ago)
|
GHSA-9m3q-rhmv-5q44 |
Description:
Impact: A specially crafted document could cause an out-of-bounds read, most likely resulting in a crash. Versions 2.10.0 and 2.10.1 are impacted. Older versions are not.
Patches: Version 2.10.2 fixes the problem.
Workarounds: None.
References:
https://github.com/ruby/json/security/advisories/GHSA-9m3q-rhmv-5q44
https://nvd.nist.gov/vuln/detail/CVE-2025-27788
https://github.com/ruby/json/commit/c56db31f800d5d508389793e69682f99749dbadf
https://github.com/ruby/json/releases/tag/v2.10.2
https://github.com/advisories/GHSA-9m3q-rhmv-5q44
CVSS: HIGH (7.5) EPSS Score: 0.1%
March 12th, 2025 (4 months ago)
|
CVE-2025-25709 |
Description: An issue in dtp.ae tNexus Airport View v.2.8 allows a remote attacker to escalate privileges via the addUser and updateUser endpoints.
CVSS: HIGH (7.5) EPSS Score: 0.05%
March 12th, 2025 (4 months ago)
|
CVE-2025-27788 |
Description: JSON is a JSON implementation for Ruby. Starting in version 2.10.0 and prior to version 2.10.2, a specially crafted document could cause an out-of-bounds read, most likely resulting in a crash. Versions prior to 2.10.0 are not vulnerable. Version 2.10.2 fixes the problem. No known workarounds are available.
CVSS: HIGH (7.5) EPSS Score: 0.1%
March 12th, 2025 (4 months ago)
|
CVE-2024-10838 |
Description: An integer underflow during deserialization may allow any unauthenticated user to read out-of-bounds heap memory. This may result in secret data, or pointers revealing the layout of the address space, being included in a deserialized data structure, which may potentially lead to thread crashes or cause denial of service conditions.
CVSS: HIGH (8.8) EPSS Score: 0.05%
March 12th, 2025 (4 months ago)
|
CVE-2025-2233 |
Description: Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the Hub Local API service, which listens on TCP port 8766 by default. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25615.
CVSS: HIGH (8.8) EPSS Score: 0.01%
March 11th, 2025 (4 months ago)
|
CVE-2025-28933 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in maxfoundry MaxA/B allows Stored XSS. This issue affects MaxA/B: from n/a through 2.2.2.
CVSS: HIGH (7.1) EPSS Score: 0.02%
March 11th, 2025 (4 months ago)
|