CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24410 |
Description: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24409 |
Description: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction.
CVSS: HIGH (8.2) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24407 |
Description: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to perform actions with permissions that were not granted. Exploitation of this issue does not require user interaction.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24406 |
Description: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction.
CVSS: HIGH (7.5) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24042 |
Description: Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
CVSS: HIGH (7.3) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24039 |
Description: Visual Studio Code Elevation of Privilege Vulnerability
CVSS: HIGH (7.3) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24036 |
Description: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVSS: HIGH (7.0) EPSS Score: 0.05%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-23403 |
Description: A vulnerability has been identified in SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions). The affected device do not properly restrict the user permission for the registry key. This could allow an authenticated attacker to load vulnerable drivers into the system leading to privilege escalation or bypassing endpoint protection and other security measures.
CVSS: HIGH (7.0) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-23363 |
Description: A vulnerability has been identified in Teamcenter (All versions < V14.3.0.0). The SSO login service of affected applications accepts user-controlled input that could specify a link to an external site. This could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.
CVSS: HIGH (7.4) EPSS Score: 0.06%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-22399 |
Description: Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery
CVSS: HIGH (7.9) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|