CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-55581	When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because... Description: When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate (unless the using program specifies a TLS configuration). EPSS Score: 0.02% Source: CVE February 26th, 2025 (5 months ago)
	GrassCall scam drains crypto wallets through fake web3 job interviews Description: A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious "GrassCall" meeting app that installs information-stealing malware to steal cryptocurrency wallets. [...] Source: BleepingComputer February 26th, 2025 (5 months ago)
	Bybit declares war on North Korea's Lazarus crime-ring to regain $1.5B stolen from wallet Source: TheRegister February 26th, 2025 (5 months ago)
CVE-2024-53573	Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for... Description: Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for administrative use. This issue specifically affects teacher/edit/{id}. EPSS Score: 0.06% Source: CVE February 26th, 2025 (5 months ago)
	AI-Fueled Tax Scams on the Rise Source: Dark Reading February 26th, 2025 (5 months ago)
CVE-2025-1634	[io.quarkus:quarkus-resteasy] io.quarkus:quarkus-resteasy: Memory Leak in Quarkus RESTEasy Classic When Client Requests Timeout Description: A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError. References https://nvd.nist.gov/vuln/detail/CVE-2025-1634 https://access.redhat.com/security/cve/CVE-2025-1634 https://bugzilla.redhat.com/show_bug.cgi?id=2347319 https://github.com/quarkusio/quarkus/issues/46412 https://github.com/quarkusio/quarkus/commit/80b8eb41678cdccb46e964dc324d048a5ef00f4b https://github.com/advisories/GHSA-4fwr-mh5q-hchh EPSS Score: 0.07% Source: Github Advisory Database (Maven) February 26th, 2025 (5 months ago)
	Onapsis Introduces Control Central for New Era of RISE With SAP Source: Dark Reading February 26th, 2025 (5 months ago)
	Menlo Security Acquires Votiro Source: Dark Reading February 26th, 2025 (5 months ago)
CVE-2024-57423	A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter... Description: A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function. EPSS Score: 0.06% Source: CVE February 26th, 2025 (5 months ago)
CVE-2024-50696	SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an... Description: SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an update to an inverter or a WiNet connectivity dongle with a bogus firmware file that is located on attacker-controlled server. EPSS Score: 0.02% Source: CVE February 26th, 2025 (5 months ago)