CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-20112 |
Description:
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device.
This vulnerability is due to excessive permissions that have been assigned to system commands. An attacker could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of an affected device. To successfully exploit this vulnerability, an attacker would need administrative access to the ESXi hypervisor.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-kkhZbHR5
Security Impact Rating: Medium
CVE: CVE-2025-20112
CVSS: MEDIUM (5.1) EPSS Score: 0.01%
May 21st, 2025 (30 days ago)
|
|
CVE-2025-20258 |
Description:
A vulnerability in the self-service portal of Cisco Duo could allow an unauthenticated, remote attacker to inject arbitrary commands into emails that are sent by the service.
This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands into a portion of an email that is sent by the service. A successful exploit could allow the attacker to send emails that contain malicious content to unsuspecting users.
Cisco Duo has addressed this vulnerability in the service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-ssp-cmd-inj-RCmYrNA
Security Impact Rating: Medium
CVE: CVE-2025-20258
CVSS: MEDIUM (5.4) EPSS Score: 0.02%
May 21st, 2025 (30 days ago)
|
|
CVE-2025-20256 |
Description:
A vulnerability in the web-based management interface of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system.
This vulnerability is due to insufficient input validation in specific fields of the web-based management interface. An attacker with valid administrative credentials could exploit this vulnerability by sending crafted input to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-ssti-dPuLqSmZ
Security Impact Rating: Medium
CVE: CVE-2025-20256
CVSS: MEDIUM (6.5) EPSS Score: 0.06%
May 21st, 2025 (30 days ago)
|
|
CVE-2025-20246 |
Description:
Multiple vulnerabilities in Cisco Webex could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack.
These vulnerabilities are due to improper filtering of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user to follow a malicious link. A successful exploit could allow the attacker to conduct a cross-site scripting attack against the targeted user.
Cisco has addressed these vulnerabilities in the service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address the vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-7teQtFn8
Security Impact Rating: Medium
CVE: CVE-2025-20246,CVE-2025-20247,CVE-2025-20250
CVSS: MEDIUM (6.1) EPSS Score: 0.04%
May 21st, 2025 (30 days ago)
|
|
CVE-2025-20242 |
Description:
A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise (CCE) could allow an unauthenticated, remote attacker to read and modify data on an affected device.
This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port on an affected device. A successful exploit could allow the attacker to read or modify data on the affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-contcent-insuffacces-ArDOVhN8
Security Impact Rating: Medium
CVE: CVE-2025-20242
CVSS: MEDIUM (6.5) EPSS Score: 0.01%
May 21st, 2025 (30 days ago)
|
|
CVE-2025-5029 |
Description: A vulnerability has been found in Kingdee Cloud Galaxy Private Cloud BBC System up to 9.0 Patch April 2025 and classified as critical. Affected by this vulnerability is the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file fileUpload/deleteFileAction.jhtml of the component File Handler. The manipulation of the argument filePath leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. In Kingdee Cloud Galaxy Private Cloud BBC System bis 9.0 Patch April 2025 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Betroffen ist die Funktion BaseServiceFactory.getFileUploadService.deleteFileAction der Datei fileUpload/deleteFileAction.jhtml der Komponente File Handler. Durch Beeinflussen des Arguments filePath mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. Als bestmögliche Massnahme wird Patching empfohlen.
CVSS: MEDIUM (5.4) EPSS Score: 0.06% SSVC Exploitation: none
May 21st, 2025 (about 1 month ago)
|
|
CVE-2024-23337 |
Description: jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for the issue.
CVSS: MEDIUM (4.3) EPSS Score: 0.05% SSVC Exploitation: poc
May 21st, 2025 (about 1 month ago)
|
|
CVE-2025-44895 |
Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ipv4Aclkey parameter in the web_acl_ipv4BasedAceAdd function.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 21st, 2025 (about 1 month ago)
|
|
CVE-2025-44892 |
Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ownekey parameter in the web_rmon_alarm_post_rmon_alarm function.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
May 21st, 2025 (about 1 month ago)
|
|
CVE-2024-42922 |
Description: AAPanel v7.0.7 was discovered to contain an OS command injection vulnerability.
CVSS: MEDIUM (6.5) EPSS Score: 5.51%
May 21st, 2025 (about 1 month ago)
|