CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-25198 |
Description: mailcow: dockerized is an open source groupware/email suite based on docker. Prior to version 2025-01a, a vulnerability in mailcow's password reset functionality allows an attacker to manipulate the `Host HTTP` header to generate a password reset link pointing to an attacker-controlled domain. This can lead to account takeover if a user clicks the poisoned link. Version 2025-01a contains a patch. As a workaround, deactivate the password reset functionality by clearing `Notification email sender` and `Notification email subject` under System -> Configuration -> Options -> Password Settings.
CVSS: HIGH (7.1) EPSS Score: 0.06%
February 13th, 2025 (5 months ago)
|
|
CVE-2025-23359 |
Description: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVSS: HIGH (8.3) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2025-1146 |
Description: CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where our TLS connection routine to the CrowdStrike cloud can incorrectly process server certificate validation. This could allow an attacker with the ability to control network traffic to potentially conduct a man-in-the-middle (MiTM) attack. CrowdStrike identified this issue internally and released a security fix in all Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor versions 7.06 and above.
CrowdStrike identified this issue through our longstanding, rigorous security review process, which has been continually strengthened with deeper source code analysis and ongoing program enhancements as part of our commitment to security resilience. CrowdStrike has no indication of any exploitation of this issue in the wild. CrowdStrike has leveraged its world class threat hunting and intelligence capabilities to actively monitor for signs of abuse or usage of this flaw and will continue to do so.
Windows and Mac sensors are not affected by this.
CVSS: HIGH (8.1) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2025-0937 |
Description: Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2025-0556 |
Description: In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.
CVSS: HIGH (8.8) EPSS Score: 0.09%
February 13th, 2025 (5 months ago)
|
|
CVE-2025-0511 |
Description: The Welcart e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 2.11.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS: HIGH (7.2) EPSS Score: 0.05%
February 13th, 2025 (5 months ago)
|
|
CVE-2025-0376 |
Description: An XSS vulnerability exists in GitLab CE/EE affecting all versions from 13.3 prior to 17.6.5, 17.7 prior to 17.7.4 and 17.8 prior to 17.8.2 that allows an attacker to execute unauthorized actions via a change page.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2025-0332 |
Description: In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory.
CVSS: HIGH (7.8) EPSS Score: 0.09%
February 13th, 2025 (5 months ago)
|
|
CVE-2025-0111 |
🚨 Marked as known exploited on February 20th, 2025 (5 months ago).
Description: An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.
You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue does not affect Cloud NGFW or Prisma Access software.
CVSS: HIGH (7.1) EPSS Score: 2.94%
February 13th, 2025 (5 months ago)
|
|
CVE-2025-0110 |
Description: A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the “__openconfig” user (which has the Device Administrator role) on the firewall.
You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
CVSS: HIGH (8.6) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|