CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-1060 |
Description: CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result in the exposure
of data when network traffic is being sniffed by an attacker.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-1059 |
Description: CWE-770: Allocation of Resources Without Limits or Throttling vulnerability exists that could
cause communications to stop when malicious packets are sent to the webserver of the device.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-1058 |
Description: CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the device
inoperable when malicious firmware is downloaded.
CVSS: HIGH (7.2) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-0816 |
Description: CWE-20: Improper Input Validation vulnerability exists that could cause Denial-of-Service of the
product when malicious IPV6 packets are sent to the device.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-0815 |
Description: CWE-20: Improper Input Validation vulnerability exists that could cause Denial-of-Service of the
product when malicious ICMPV6 packets are sent to the device.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2025-0327 |
Description: CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit
trail data and the other acting as server managing client request) that could cause a loss of Confidentiality,
Integrity and Availability of engineering workstation when an attacker with standard privilege modifies the
executable path of the windows services. To be exploited, services need to be restarted.
CVSS: HIGH (8.5) EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-6911 |
Description: Files on the Windows system are accessible without authentication to external parties due to a local file inclusion in PerkinElmer ProcessPlus.This issue affects ProcessPlus: through 1.11.6507.0.
CVSS: HIGH (8.7) EPSS Score: 0.97%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-5672 |
Description: A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command.
CVSS: HIGH (7.2) EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-5585 |
Description: In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.
CVSS: HIGH (7.7) EPSS Score: 0.33%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-5498 |
Description: Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS: HIGH (8.8) EPSS Score: 0.06%
February 14th, 2025 (5 months ago)
|