CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-0994
Trimble Cityworks Deserialization Vulnerability
Description: Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.

CVSS: HIGH (8.6)

EPSS Score: 1.32%

Source: CISA KEV
February 7th, 2025 (5 months ago)

CVE-2025-0994
CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution. "This could

CVSS: HIGH (8.6)

EPSS Score: 1.32%

Source: TheHackerNews
February 7th, 2025 (5 months ago)

CVE-2025-0781
Fedora 40 : FlightGear / SimGear (2025-725bba93b2)
Description: Nessus Plugin ID 215077 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-725bba93b2 advisory. Fix CVE-2025-0781Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected FlightGear and / or SimGear packages. Read more at https://www.tenable.com/plugins/nessus/215077

CVSS: HIGH (8.6)

EPSS Score: 0.05%

Source: Tenable Plugins
February 7th, 2025 (5 months ago)

CVE-2024-52531
RHEL 8 : libsoup (RHSA-2025:1075)
Description: Nessus Plugin ID 215081 with High Severity Synopsis The remote Red Hat host is missing a security update for libsoup. Description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1075 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fix(es): * libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (CVE-2024-52531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the RHEL libsoup package based on the guidance in RHSA-2025:1075. Read more at https://www.tenable.com/plugins/nessus/215081

CVSS: HIGH (8.4)

EPSS Score: 0.1%

Source: Tenable Plugins
February 7th, 2025 (5 months ago)

CVE-2024-52531
RHEL 7 : libsoup (RHSA-2025:1047)
Description: Nessus Plugin ID 215090 with High Severity Synopsis The remote Red Hat host is missing a security update for libsoup. Description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1047 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fix(es): * libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (CVE-2024-52531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the RHEL libsoup package based on the guidance in RHSA-2025:1047. Read more at https://www.tenable.com/plugins/nessus/215090

CVSS: HIGH (8.4)

EPSS Score: 0.1%

Source: Tenable Plugins
February 7th, 2025 (5 months ago)

CVE-2025-24787
Parameter injection in DB connection URIs leading to local file inclusion in WhoDB
Description: WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The application uses string concatenation to build database connection URIs which are then passed to corresponding libraries responsible for setting up the database connections. This string concatenation is done unsafely and without escaping or encoding the user input. This allows an user, in many cases, to inject arbitrary parameters into the URI string. These parameters can be potentially dangerous depending on the libraries used. One of these dangerous parameters is `allowAllFiles` in the library `github.com/go-sql-driver/mysql`. Should this be set to `true`, the library enables running the `LOAD DATA LOCAL INFILE` query on any file on the host machine (in this case, the machine that WhoDB is running on). By injecting `&allowAllFiles=true` into the connection URI and connecting to any MySQL server (such as an attacker-controlled one), the attacker is able to read local files. This issue has been addressed in version 0.45.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS: HIGH (8.6)

EPSS Score: 0.04%

Source: CVE
February 7th, 2025 (5 months ago)

CVE-2025-23236
Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation,...
Description: Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
February 7th, 2025 (5 months ago)

CVE-2025-23217
Mitmweb API Authentication Bypass Using Proxy Server
Description: mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server (bound to `*:8080` by default) to access mitmweb's internal API (bound to `127.0.0.1:8081` by default). In other words, while the cannot access the API directly, they can access the API through the proxy. An attacker may be able to escalate this SSRF-style access to remote code execution. The mitmproxy and mitmdump tools are unaffected. Only mitmweb is affected. This vulnerability has been fixed in mitmproxy 11.1.2 and above. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS: HIGH (8.2)

EPSS Score: 0.05%

Source: CVE
February 7th, 2025 (5 months ago)

CVE-2025-21408
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.13%

Source: CVE
February 7th, 2025 (5 months ago)

CVE-2025-21342
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.13%

Source: CVE
February 7th, 2025 (5 months ago)