CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-5054 |
Description: Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces.
When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).
CVSS: MEDIUM (4.7) EPSS Score: 0.01%
May 30th, 2025 (18 days ago)
|
|
CVE-2025-48887 |
Description: vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expression Denial of Service (ReDoS) vulnerability in the file `vllm/entrypoints/openai/tool_parsers/pythonic_tool_parser.py` of versions 0.6.4 up to but excluding 0.9.0. The root cause is the use of a highly complex and nested regular expression for tool call detection, which can be exploited by an attacker to cause severe performance degradation or make the service unavailable. The pattern contains multiple nested quantifiers, optional groups, and inner repetitions which make it vulnerable to catastrophic backtracking. Version 0.9.0 contains a patch for the issue.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
May 30th, 2025 (18 days ago)
|
|
CVE-2024-25676 |
Description: An issue was discovered in ViewerJS 0.5.8. A script from the component loads content via URL TAGs without properly sanitizing it. This leads to both open redirection and out-of-band resource loading.
CVSS: MEDIUM (4.7) EPSS Score: 0.14% SSVC Exploitation: none
May 30th, 2025 (18 days ago)
|
|
CVE-2024-24720 |
Description: An issue was discovered in the Forgot password function in Innovaphone PBX before 14r1 devices. It provides information about whether a user exists on a system.
CVSS: MEDIUM (5.3) EPSS Score: 0.16% SSVC Exploitation: none
May 30th, 2025 (18 days ago)
|
|
CVE-2024-7097 |
Description: An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows user account creation regardless of the self-registration configuration settings. This vulnerability enables malicious actors to create new user accounts without proper authorization.
Exploitation of this flaw could allow an attacker to create multiple low-privileged user accounts, gaining unauthorized access to the system. Additionally, continuous exploitation could lead to system resource exhaustion through mass user creation.
CVSS: MEDIUM (4.3) EPSS Score: 0.21%
May 30th, 2025 (18 days ago)
|
|
CVE-2024-42191 |
Description: HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content.
CVSS: MEDIUM (6.5) EPSS Score: 0.01%
May 30th, 2025 (18 days ago)
|
|
CVE-2024-42190 |
Description: HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content.
CVSS: MEDIUM (6.5) EPSS Score: 0.01%
May 30th, 2025 (18 days ago)
|
|
CVE-2024-23589 |
Description: Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs
CVSS: MEDIUM (6.8) EPSS Score: 0.01% SSVC Exploitation: none
May 30th, 2025 (18 days ago)
|
|
CVE-2024-13916 |
Description: An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data.
Exposed ”com.android.providers.settings.fingerprint.PriFpShareProvider“ content provider's public method query() allows any other malicious application, without any granted Android system permissions, to exfiltrate the PIN code.
Vendor did not provide information about vulnerable versions.
Only version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability
CVSS: MEDIUM (6.9) EPSS Score: 0.02% SSVC Exploitation: none
May 30th, 2025 (18 days ago)
|
|
CVE-2024-13915 |
Description: Android based smartphones from vendors such as Ulefone and Krüger&Matz contain "com.pri.factorytest" application preloaded onto devices during manufacturing process.
The application "com.pri.factorytest" (version name: 1.0, version code: 1) exposes a ”com.pri.factorytest.emmc.FactoryResetService“ service allowing any application to perform a factory reset of the device.
Application update did not increment the APK version. Instead, it was bundled in OS builds released later than December 2024 (Ulefone) and most probably March 2025 (Krüger&Matz, although the vendor has not confirmed it, so newer releases might be vulnerable as well).
CVSS: MEDIUM (6.9) EPSS Score: 0.02%
May 30th, 2025 (18 days ago)
|