CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-36884 |
Description: Executive Summary
Cybercrime makes up a majority of the malicious activity online and occupies the majority of defenders' resources. In 2024, Mandiant Consulting responded to almost four times more intrusions conducted by financially motivated actors than state-backed intrusions. Despite this overwhelming volume, cybercrime receives much less attention from national security practitioners than the threat from state-backed groups. While the threat from state-backed hacking is rightly understood to be severe, it should not be evaluated in isolation from financially motivated intrusions.
A hospital disrupted by a state-backed group using a wiper and a hospital disrupted by a financially motivated group using ransomware have the same impact on patient care. Likewise, sensitive data stolen from an organization and posted on a data leak site can be exploited by an adversary in the same way data exfiltrated in an espionage operation can be. These examples are particularly salient today, as criminals increasingly target and leak data from hospitals. Healthcare's share of posts on data leak sites has doubled over the past three years, even as the number of data leak sites tracked by Google Threat Intelligence Group has increased by nearly 50% year over year. The impact of these attacks mean that they must be taken seriously as a national security threat, no matter the motivation of the actors behind it.
Cybercrime also facilitates state-backed hacking by allowing states to purchas...
CVSS: HIGH (7.5)
February 12th, 2025 (5 months ago)
|
|
CVE-2025-26492 |
Description: In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources
CVSS: HIGH (7.7) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-26491 |
Description: A vulnerability has been identified in Opcenter Intelligence (All versions < V2501). Server-side request forgery (SSRF) vulnerability in Tableau Server. For details go to help.salesforce.com and search for knowledge article id 001534936.
CVSS: HIGH (7.7) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-25243 |
Description: SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact to integrity or availability.
CVSS: HIGH (8.6) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-25203 |
Description: CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting (XSS) vulnerability exists in the `TicketsController` and `Moderation/TicketsController` due to insufficient input validation on the `priority` field during ticket creation and unsafe rendering of this field in the moderator panel. Version 1.0 contains a patch for the issue.
CVSS: HIGH (8.1) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24900 |
Description: Concorde, formerly know as Nexkey, is a fork of the federated microblogging platform Misskey. Due to a lack of CSRF countermeasures and improper settings of cookies for MediaProxy authentication, there is a vulnerability that allows MediaProxy authentication to be bypassed. In versions prior to 12.25Q1.1, the authentication cookie does not have the SameSite attribute. This allows an attacker to bypass MediaProxy authentication and load any image without restrictions under certain circumstances. In versions prior to 12.24Q2.3, this cookie was also used to authenticate the job queue management page (bull-board), so bull-board authentication is also bypassed. This may enable attacks that have a significant impact on availability and integrity.
The affected versions are too old to be covered by this advisory, but the maintainers of Concorde strongly recommend not using older versions. Version 12.25Q1.1 contains a patch. There is no effective workaround other than updating.
CVSS: HIGH (8.6) EPSS Score: 0.05%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24897 |
Description: Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, due to a lack of CSRF protection and the lack of proper security attributes in the authentication cookies of Bull's dashboard, some of the APIs of bull-board may be subject to CSRF attacks. There is a risk of this vulnerability being used for attacks with relatively large impact on availability and integrity, such as the ability to add arbitrary jobs. This vulnerability was fixed in 2025.2.0-alpha.0. As a workaround, block all access to the `/queue` directory with a web application firewall (WAF).
CVSS: HIGH (8.2) EPSS Score: 0.04%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24896 |
Description: Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, a login token named `token` is stored in a cookie for authentication purposes in Bull Dashboard, but this remains undeleted even after logout is performed. The primary affected users will be users who have logged into Misskey using a public PC or someone else's device, but it's possible that users who have logged out of Misskey before lending their PC to someone else could also be affected. Version 2025.2.0-alpha.0 contains a fix for this issue.
CVSS: HIGH (8.1) EPSS Score: 0.09%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24876 |
Description: The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the application
CVSS: HIGH (8.1) EPSS Score: 0.05%
February 12th, 2025 (5 months ago)
|
|
CVE-2025-24868 |
Description: The User Account and Authentication service (UAA) for SAP HANA extended application services, advanced model (SAP HANA XS advanced model) allows an unauthenticated attacker to craft a malicious link, that, when clicked by a victim, redirects the browser to a malicious site due to insufficient redirect URL validation. On successful exploitation attacker can cause limited impact on confidentiality, integrity, and availability of the system.
CVSS: HIGH (7.1) EPSS Score: 0.05%
February 12th, 2025 (5 months ago)
|