CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-32815 |
Description: An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur.
CVSS: MEDIUM (6.5) EPSS Score: 0.08%
May 22nd, 2025 (28 days ago)
|
|
CVE-2025-0679 |
Description: An issue has been discovered in GitLab CE/EE affecting all versions from 17.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Under certain conditions un-authorised users can view full email addresses that should be partially obscured.
CVSS: MEDIUM (4.3) EPSS Score: 0.01% SSVC Exploitation: none
May 22nd, 2025 (28 days ago)
|
|
CVE-2025-0605 |
Description: An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Group access controls could allow certain users to bypass two-factor authentication requirements.
CVSS: MEDIUM (4.6) EPSS Score: 0.03% SSVC Exploitation: none
May 22nd, 2025 (28 days ago)
|
|
CVE-2024-54188 |
Description: Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
May 22nd, 2025 (28 days ago)
|
|
CVE-2024-12093 |
Description: An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions.
CVSS: MEDIUM (6.8) EPSS Score: 0.02% SSVC Exploitation: none
May 22nd, 2025 (28 days ago)
|
|
CVE-2025-5076 |
Description: A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this issue is some unknown functionality of the component SEND Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Eine Schwachstelle wurde in FreeFloat FTP Server 1.0 gefunden. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht näher spezifizierte Funktion der Komponente SEND Command Handler. Durch das Beeinflussen mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.9) EPSS Score: 0.05%
May 22nd, 2025 (29 days ago)
|
|
CVE-2025-4979 |
Description: An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables (that they did not author) in the WebUI, by simply creating their own variable and observing the HTTP response.
CVSS: MEDIUM (4.9) EPSS Score: 0.01%
May 22nd, 2025 (29 days ago)
|
|
CVE-2025-3480 |
MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability
Description: MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the Web Portal. The issue results from the lack of encryption when transmitting credentials. An attacker can leverage this vulnerability to disclose transmitted credentials, leading to further compromise. Was ZDI-CAN-25842.
CVSS: MEDIUM (5.3) EPSS Score: 0.02% SSVC Exploitation: none
May 22nd, 2025 (29 days ago)
|
|
CVE-2025-3111 |
Description: An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service..
CVSS: MEDIUM (6.5) EPSS Score: 0.06%
May 22nd, 2025 (29 days ago)
|
|
CVE-2025-2853 |
Description: An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of proper validation in GitLab could allow an authenticated user to cause a denial of service condition.
CVSS: MEDIUM (6.5) EPSS Score: 0.06%
May 22nd, 2025 (29 days ago)
|