CVE-2025-24903 |
Description: libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device of the local user. The origin of sync messages is not checked. Patched libsignal-service can be found after commit 82d70f6720e762898f34ae76b0894b0297d9b2f8. The `Metadata` struct contains an additional `was_encrypted` field, which breaks the API, but should be easily resolvable. No known workarounds are available.
CVSS: HIGH (8.5) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2025-24888 |
Description: The SecureDrop Client is a desktop application for journalists to communicate with sources and work with submissions on the SecureDrop Workstation. Prior to version 0.14.1, a malicious SecureDrop Server could obtain code execution on the SecureDrop Client virtual machine (`sd-app`). SecureDrop Server itself has multiple layers of built-in hardening, and is a dedicated physical machine exposed on the internet only via Tor hidden services for the Source and Journalist interfaces, and optionally via remote SSH access over another Tor hidden service. A newsroom's SecureDrop Workstation communicates only with its own dedicated SecureDrop Server.
The SecureDrop Client runs in a dedicated Qubes virtual machine, named `sd-app`, as part of the SecureDrop Workstation. The private OpenPGP key used to decrypt submissions and replies is stored in a separate virtual machine and never accessed directly. The vulnerability lies in the code responsible for downloading replies. The filename of the reply is obtained from the `Content-Disposition` HTTP header and used to write the encrypted reply on disk. Note that filenames are generated and sanitized server-side, and files are downloaded in an encrypted format, so a remote attacker who has not achieved server compromise, such as one posing as a source, could not craft the HTTP response necessary for this attack.
While the filename is later checked to guard against path traversal before being moved into the Client’s data storage directory, ...
CVSS: HIGH (8.1) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2025-24861 |
Description: An attacker may inject commands via specially-crafted post requests.
CVSS: HIGH (7.5) EPSS Score: 0.09%
February 14th, 2025 (5 months ago)
|
CVE-2025-24836 |
Description: With a specially crafted Python script, an attacker could send continuous startMeasurement commands over an unencrypted Bluetooth connection to the affected device. This would prevent the device from connecting to a clinician's app to take patient readings and ostensibly flood it with requests, resulting in a denial-of-service condition.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2025-22896 |
Description: mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information.
CVSS: HIGH (8.6) EPSS Score: 0.06%
February 14th, 2025 (5 months ago)
|
CVE-2025-22480 |
Description: Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges.
CVSS: HIGH (7.0) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2025-1094 |
Description: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected.
CVSS: HIGH (8.1) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2025-1070 |
Description: CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file is downloaded.
CVSS: HIGH (7.2) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2025-1060 |
Description: CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result in the exposure of data when network traffic is being sniffed by an attacker.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2025-1059 |
Description: CWE-770: Allocation of Resources Without Limits or Throttling vulnerability exists that could cause communications to stop when malicious packets are sent to the webserver of the device.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|