CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-57064	A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows attackers to cause a Denial of Service (DoS) via... Description: A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. EPSS Score: 0.04% Source: CVE February 6th, 2025 (5 months ago)
CVE-2024-57063	A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted... Description: A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. EPSS Score: 0.04% Source: CVE February 6th, 2025 (5 months ago)
CVE-2024-54853	A Stored Cross-Site Scripting (XSS) vulnerability was identified affecting Skybox Change Manager versions 13.2.170 and earlier that allows remote... Description: A Stored Cross-Site Scripting (XSS) vulnerability was identified affecting Skybox Change Manager versions 13.2.170 and earlier that allows remote authenticated users to store malicious payloads in the affected field that would then execute in an unsuspecting victim's browser. EPSS Score: 0.04% Source: CVE February 6th, 2025 (5 months ago)
CVE-2024-48394	A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the driver of the NDD Print solution, which could allow an... Description: A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the driver of the NDD Print solution, which could allow an unprivileged user to exploit this flaw and gain SYSTEM-level access on the device. The vulnerability affects version 5.24.3 and before of the software. EPSS Score: 0.04% Source: CVE February 6th, 2025 (5 months ago)
CVE-2024-3411	Insufficient Randomness When Validating an IPMI Authenticated Session Description: Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an attacker to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC device. EPSS Score: 0.05% Source: CVE February 6th, 2025 (5 months ago)
CVE-2024-32405	Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the... Description: Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function. EPSS Score: 0.04% Source: CVE February 6th, 2025 (5 months ago)
	Robocallers who called the FCC pretending to be from the FCC land telco in trouble Source: TheRegister February 6th, 2025 (5 months ago)
	Moroccan Soldiers Targeted Multiple Websites Description: Moroccan Soldiers Targeted Multiple Websites Source: DarkWebInformer February 5th, 2025 (5 months ago)
	Daily Dose of Dark Web Informer - February 5th, 2025 Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts. Source: DarkWebInformer February 5th, 2025 (5 months ago)
	Microsoft script updates bootable media for BlackLotus bootkit fixes Description: Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. [...] Source: BleepingComputer February 5th, 2025 (5 months ago)