CVE-2025-47294 |
Description: An integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7 and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially crafted request.
CVSS: MEDIUM (5.3) EPSS Score: 0.08%
May 28th, 2025 (22 days ago)
|
CVE-2025-25029 |
Description: IBM Security Guardium 12.0 could allow a privileged user to download any file on the system due to improper escaping of input.
CVSS: MEDIUM (4.9) EPSS Score: 0.03%
May 28th, 2025 (22 days ago)
|
CVE-2025-25026 |
Description: IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due to an incorrect authentication check.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 28th, 2025 (22 days ago)
|
CVE-2025-25025 |
Description: IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
May 28th, 2025 (22 days ago)
|
Description: Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 27
SEC Consult Vulnerability Lab Security Advisory < 20250521-0 >
=======================================================================
title: Multiple Vulnerabilities
product: eCharge Hardy Barth cPH2 and cPP2 charging stations
vulnerable version: 2.2.0
fixed version: Not available
CVE number: CVE-2025-27803, CVE-2025-27804, CVE-2025-48413,
CVE-2025-48414, CVE-2025-48415,...
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
May 28th, 2025 (22 days ago)
|
CVE-2025-2796 |
Description: On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be forwarded due to this vulnerability.
Note: this issue does not affect VXLANSec or MACSec encryption functionality.
CVSS: MEDIUM (5.3) EPSS Score: 0.02%
May 27th, 2025 (22 days ago)
|
CVE-2024-45094 |
Description: IBM DS8900F and DS8A00 Hardware Management Console (HMC) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS: MEDIUM (5.5) EPSS Score: 0.03%
May 27th, 2025 (22 days ago)
|
CVE-2024-11185 |
Description: On affected platforms running Arista EOS, ingress traffic on Layer 2 ports may, under certain conditions, be improperly forwarded to ports associated with different VLANs, resulting in a breach of VLAN isolation and segmentation boundaries.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
May 27th, 2025 (22 days ago)
|
Description: A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-4057
https://access.redhat.com/security/cve/CVE-2025-4057
https://bugzilla.redhat.com/show_bug.cgi?id=2362827
https://access.redhat.com/errata/RHSA-2025:8147
https://github.com/advisories/GHSA-q5q7-8x6x-hcg2
CVSS: MEDIUM (5.5) EPSS Score: 0.01%
May 27th, 2025 (22 days ago)
|
CVE-2025-5283 |
Description: Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVSS: MEDIUM (5.4) EPSS Score: 0.08%
May 27th, 2025 (22 days ago)
|