CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-23425	WordPress Marekkis Watermark plugin <= 0.9.4 - Reflected Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marekki Marekkis Watermark allows Reflected XSS. This issue affects Marekkis Watermark: from n/a through 0.9.4. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2024-47092	Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api Description: Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api prior to 5.8.1 CVSS: HIGH (7.7) EPSS Score: 0.04% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-21424	Use After Free in NPU Description: Memory corruption while calling the NPU driver APIs concurrently. CVSS: HIGH (7.8) EPSS Score: 0.01% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-0475	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab Description: An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific circumstances. CVSS: HIGH (8.7) EPSS Score: 0.12% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2024-53034	Untrusted Pointer Dereference in DSP_Services Description: Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset. CVSS: HIGH (7.8) EPSS Score: 0.01% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2024-53033	Untrusted Pointer Dereference in DSP_Services Description: Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address. CVSS: HIGH (7.8) EPSS Score: 0.01% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2024-53032	Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive OS Platform Description: Memory corruption may occur in keyboard virtual device due to guest VM interaction. CVSS: HIGH (7.8) EPSS Score: 0.01% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2024-53031	Improper Input Validation in Automotive OS Platform Description: Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. CVSS: HIGH (7.8) EPSS Score: 0.02% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2024-53030	Improper Input Validation in Automotive OS Platform Description: Memory corruption while processing input message passed from FE driver. CVSS: HIGH (7.8) EPSS Score: 0.02% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2024-53029	Improper Input Validation in Automotive OS Platform Description: Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine. CVSS: HIGH (7.8) EPSS Score: 0.02% Source: CVE March 3rd, 2025 (4 months ago)