CVE-2025-1675 |
Description: The function dns_copy_qname in dns_pack.c performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the copied data.
CVSS: HIGH (8.2) EPSS Score: 0.08%
February 25th, 2025 (5 months ago)
|
CVE-2025-1674 |
Description: A lack of input validation allows for out-of-bounds reads caused by malicious or malformed packets.
CVSS: HIGH (8.2) EPSS Score: 0.07%
February 25th, 2025 (5 months ago)
|
CVE-2025-1673 |
Description: A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation.
CVSS: HIGH (8.2) EPSS Score: 0.08%
February 25th, 2025 (5 months ago)
|
CVE-2025-1648 |
Description: The Yawave plugin for WordPress is vulnerable to SQL Injection via the 'lbid' parameter in all versions up to, and including, 2.9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVSS: HIGH (7.5) EPSS Score: 0.11%
February 25th, 2025 (5 months ago)
|
CVE-2025-22210 |
Description: A SQL injection vulnerability in the Hikashop component versions 3.3.0-5.1.4 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the category management area in the backend.
CVSS: HIGH (7.2) EPSS Score: 0.04%
February 25th, 2025 (5 months ago)
|
CVE-2025-26529 |
Description: Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-26529
https://moodle.org/mod/forum/discuss.php?d=466145
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84145
https://github.com/advisories/GHSA-wr88-x8cm-7cgq
CVSS: HIGH (8.3) EPSS Score: 0.05%
February 24th, 2025 (5 months ago)
|
CVE-2025-26530 |
Description: The question bank filter required additional sanitizing to prevent a reflected XSS risk.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-26530
https://moodle.org/mod/forum/discuss.php?d=466146
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84146
https://github.com/advisories/GHSA-4w32-c9g7-27qx
CVSS: HIGH (8.3) EPSS Score: 0.05%
February 24th, 2025 (5 months ago)
|
CVE-2025-26533 |
Description: An SQL injection risk was identified in the module list filter within course search.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-26533
https://moodle.org/mod/forum/discuss.php?d=466150
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84271
https://github.com/advisories/GHSA-rg56-94j7-hjx9
CVSS: HIGH (8.1) EPSS Score: 0.05%
February 24th, 2025 (5 months ago)
|