CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-1123 |
Description: The Solid Mail – SMTP email and logging made by SolidWP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email Name, Subject, and Body in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS: HIGH (7.2) EPSS Score: 0.07% SSVC Exploitation: none
May 23rd, 2025 (23 days ago)
|
|
CVE-2025-5105 |
Description: A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified as critical. Affected by this issue is some unknown functionality of the component Service Port 7777. The manipulation leads to improper clearing of heap memory before release. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Eine Schwachstelle wurde in TOZED ZLT W51 bis 1.4.2 gefunden. Sie wurde als kritisch eingestuft. Dies betrifft einen unbekannten Teil der Komponente Service Port 7777. Durch die Manipulation mit unbekannten Daten kann eine improper clearing of heap memory before release-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.
CVSS: HIGH (7.3) EPSS Score: 0.06%
May 23rd, 2025 (23 days ago)
|
|
CVE-2025-41407 |
Description: Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection in the OU History report.
CVSS: HIGH (8.3) EPSS Score: 0.03%
May 23rd, 2025 (23 days ago)
|
|
CVE-2025-3893 |
Description: While editing pages managed by MegaBIP a user with high privileges is prompted to give a reasoning for performing this action. Input provided by the the user is not sanitized, leading to SQL Injection vulnerability.
Version 5.20 of MegaBIP fixes this issue.
CVSS: HIGH (8.6) EPSS Score: 0.03%
May 23rd, 2025 (23 days ago)
|
|
CVE-2025-36527 |
Description: Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports.
CVSS: HIGH (8.3) EPSS Score: 0.03%
May 23rd, 2025 (23 days ago)
|
|
CVE-2024-13945 |
Description: Stored Absolute Path Traversal vulnerabilities in ASPECT could expose sensitive data
if administrator credentials become compromised.
This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVSS: HIGH (8.4) EPSS Score: 0.06%
May 23rd, 2025 (23 days ago)
|
|
CVE-2025-5100 |
Description: A double-free condition occurs during the cleanup of temporary image files, which can be exploited to achieve memory corruption and potentially arbitrary code execution.
CVSS: HIGH (8.0) EPSS Score: 0.02%
May 23rd, 2025 (23 days ago)
|
|
CVE-2025-47181 |
Description: Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (8.8) EPSS Score: 0.06%
May 22nd, 2025 (23 days ago)
|
|
Description: Summary
When using the fiber.Ctx.BodyParser to parse into a struct with range values, a panic occurs when trying to parse a negative range index
Details
fiber.Ctx.BodyParser can map flat data to nested slices using key[idx]value syntax, however when idx is negative, it causes a panic instead of returning an error stating it cannot process the data.
Since this data is user-provided, this could lead to denial of service for anyone relying on this fiber.Ctx.BodyParser functionality
Reproducing
Take a simple GoFiberV2 server which returns a JSON encoded version of the FormData
package main
import (
"encoding/json"
"fmt"
"net/http"
"github.com/gofiber/fiber/v2"
)
type RequestBody struct {
NestedContent []*struct {
Value string `form:"value"`
} `form:"nested-content"`
}
func main() {
app := fiber.New()
app.Post("/", func(c *fiber.Ctx) error {
formData := RequestBody{}
if err := c.BodyParser(&formData); err != nil {
fmt.Println(err)
return c.SendStatus(http.StatusUnprocessableEntity)
}
c.Set("Content-Type", "application/json")
s, _ := json.Marshal(formData)
return c.SendString(string(s))
})
fmt.Println(app.Listen(":3000"))
}
Correct Behaviour
Send a valid request such as:
curl --location 'localhost:3000' \
--form 'nested-content[0].value="Foo"' \
--form 'nested-content[1].value="Bar"'
You recieve valid JSON
{"NestedContent":[{...
CVSS: HIGH (7.7) EPSS Score: 0.05%
May 22nd, 2025 (23 days ago)
|
|
|
Description: Pingora versions prior to 0.5.0 which used the caching functionality in pingora-proxy did not properly drain the downstream request body on cache hits.
This allows an attacker to craft malicious HTTP/1.1 requests which could lead to request smuggling or cache poisoning.
This flaw was corrected in commit fda3317ec822678564d641e7cf1c9b77ee3759ff by ensuring that the downstream request body is always drained before a connection can be reused.
See the blog post for more information.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-4366
https://blog.cloudflare.com/resolving-a-request-smuggling-vulnerability-in-pingora
https://github.com/cloudflare/pingora
https://rustsec.org/advisories/RUSTSEC-2025-0037.html
https://github.com/advisories/GHSA-3qmp-g57h-rxf2
CVSS: HIGH (7.4) EPSS Score: 0.04%
May 22nd, 2025 (23 days ago)
|