CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-1851
Tenda AC7 SetFirewallCfg formSetFirewallCfg stack-based overflow
Description: A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in Tenda AC7 bis 15.03.06.44 gefunden. Betroffen hiervon ist die Funktion formSetFirewallCfg der Datei /goform/SetFirewallCfg. Durch Manipulieren des Arguments firewallEn mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.

CVSS: HIGH (8.7)

EPSS Score: 0.05%

Source: CVE
March 3rd, 2025 (4 months ago)

CVE-2025-1814
Tenda AC6 WifiExtraSet stack-based overflow
Description: A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Eine kritische Schwachstelle wurde in Tenda AC6 15.03.05.16 entdeckt. Dies betrifft einen unbekannten Teil der Datei /goform/WifiExtraSet. Durch Manipulation des Arguments wpapsk_crypto mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.

CVSS: HIGH (8.7)

EPSS Score: 0.06%

Source: CVE
March 2nd, 2025 (4 months ago)

CVE-2025-1804
Blizzard Battle.Net profapi.dll uncontrolled search path
Description: A vulnerability was found in Blizzard Battle.Net up to 2.39.0.15212 on Windows and classified as critical. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. Eine Schwachstelle wurde in Blizzard Battle.Net bis 2.39.0.15212 für Windows gefunden. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code in der Bibliothek profapi.dll. Mittels Manipulieren mit unbekannten Daten kann eine uncontrolled search path-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Die Komplexität eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar.

CVSS: HIGH (7.3)

EPSS Score: 0.01%

Source: CVE
March 1st, 2025 (4 months ago)

CVE-2024-13833
Album Gallery – WordPress Gallery <= 1.6.3 - Authenticated (Editor+) PHP Object Injection via Gallery Meta
Description: The Album Gallery – WordPress Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.6.3 via deserialization of untrusted input from gallery meta. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.

CVSS: HIGH (7.2)

EPSS Score: 0.14%

Source: CVE
March 1st, 2025 (4 months ago)

CVE-2024-13910
Database Backup and check Tables Automated With Scheduler 2024 <= 2.36 - Authenticated (Administrator+) Arbitrary File Deletion
Description: The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'database_backup_ajax_delete' function in all versions up to, and including, 2.35. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The vulnerability was partially patched in version 2.36.

CVSS: HIGH (7.2)

EPSS Score: 0.71%

Source: CVE
March 1st, 2025 (4 months ago)

CVE-2024-13611
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Unauthenticated Sensitive Information Exposure...
Description: The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via the 'bp-better-messages' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/bp-better-messages directory which can contain file attachments included in chat messages.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
March 1st, 2025 (4 months ago)

CVE-2024-49960
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-802)
Description: Nessus Plugin ID 216951 with High Severity Synopsis The remote Amazon Linux 2023 host is missing a security update. Description It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-802 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount (CVE-2024-49960) In the Linux kernel, the following vulnerability has been resolved: net: do not delay dst_entries_add() in dst_release() (CVE-2024-50036) In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args (CVE-2024-50067) In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in ntfs_file_release (CVE-2024-50242) In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check if more than chunk-size bytes are written (CVE-2024-50247) In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in get_info() (CVE-2024-50257) In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() (CVE-2024-50262) In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (CVE-2024-50264) In the Linux kernel, the following vulnerability has been resolve...

CVSS: HIGH (7.8)

EPSS Score: 0.03%

Source: Tenable Plugins
March 1st, 2025 (4 months ago)

CVE-2023-40022
Fedora 40 : cutter-re / rizin (2025-6f77f6c77a)
Description: Nessus Plugin ID 216954 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-6f77f6c77a advisory. CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports CVE-2024-31670 rizin: buffer overflow via create_cache_bins CVE-2024-31668 rizin: improper neutralization of special elements via meta_set function CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code ---- rizin 0.7.2 / cutter-re 2.3.4 (fix changelog) ---- rizin 0.7.2 / cutter-re 2.3.4Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. Solution Update the affected cutter-re and / or rizin packages. Read more at https://www.tenable.com/plugins/nessus/216954

CVSS: HIGH (7.8)

Source: Tenable Plugins
March 1st, 2025 (4 months ago)

CVE-2024-13911
Database Backup and check Tables Automated With Scheduler 2024 <= 2.35 - Authenticated (Administrator+) Sensitive Information Exposure
Description: The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35 via the /dashboard/backup.php file. This makes it possible for authenticated attackers, with Administrator-level access and above, to extract sensitive data including full database credentials.

CVSS: HIGH (7.2)

EPSS Score: 0.1%

Source: CVE
March 1st, 2025 (4 months ago)

CVE-2024-12544
SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 1.12.17 - Missing Authorization to Auth...
Description: The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity plugin for WordPress is vulnerable to arbitrary file deletion due to a missing capability check on the callback function of the SurveyJS_DeleteFile class in all versions up to, and including, 1.12.17. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This function is still vulnerable to Cross-Site Request Forgery as of 1.12.20.

CVSS: HIGH (8.8)

EPSS Score: 0.23%

Source: CVE
March 1st, 2025 (4 months ago)