CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
O2 UK VoLTE Leak Exposes Real-Time Location of Any Customer Through a Phone Call
Description: A critical privacy vulnerability in O2 UK's Voice over LTE (VoLTE) system allows any caller to accurately geolocate any O2 customer simply by initiating a phone call, without their consent or knowledge. The flaw, which leaked detailed network identifiers and location metadata during standard SIP signaling, persisted for months with no action from the mobile … The post O2 UK VoLTE Leak Exposes Real-Time Location of Any Customer Through a Phone Call appeared first on CyberInsider.
Source: CyberInsider
May 19th, 2025 (about 1 month ago)
Mozilla Quickly Patches Two Firefox Zero-Days Uncovered by White-Hats
Description: Mozilla has released emergency updates to Firefox and its extended support releases just one day after two critical vulnerabilities were demonstrated during the Pwn2Own Berlin 2025 competition. The flaws, both affecting JavaScript object handling, were exploited in Firefox's content process but failed to break out of the browser's sandbox. Firefox, a flagship browser maintained by … The post Mozilla Quickly Patches Two Firefox Zero-Days Uncovered by White-Hats appeared first on CyberInsider.
Source: CyberInsider
May 19th, 2025 (about 1 month ago)
IT chiefs of UK's massive health service urge vendors to make public security pledge
Source: TheRegister
May 19th, 2025 (about 1 month ago)

CVE-2025-37891
ALSA: ump: Fix buffer overflow at UMP SysEx message conversion
Description: In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as it was supposed to be the max size for a MIDI1 UMP packet data. However, the implementation overlooked that SysEx is handled in a different format, and it can be up to 6 bytes, as found in do_convert_to_ump(). It leads eventually to a buffer overflow, and may corrupt the memory when a longer SysEx message is received. The fix is simply to extend the buffer size to 6 to fit with the SysEx UMP message.

EPSS Score: 0.02%

Source: CVE
May 19th, 2025 (about 1 month ago)
Stack-based buffer overflow vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor
Description: Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain a stack-based buffer overflow vulnerability.
Source: Japan Vulnerability Notes (JVN)
May 19th, 2025 (about 1 month ago)
Eeek! p0wned Alabama hit by unspecified 'cybersecurity event'
Source: TheRegister
May 19th, 2025 (about 1 month ago)
China launches an AI cloud into orbit -12 sats for now, 2,800 in coming years
Source: TheRegister
May 19th, 2025 (about 1 month ago)
🏴‍☠️ Stormous has just published a new victim : www.atolon-parkhotel.com
Description: CVs - FACTURES - Hwawei.com - AA GROUPE 2025 - RESERVATION 2025 - PERSONNELS - INFOS - STAGIAIRES .....
Source: Ransomware.live
May 19th, 2025 (about 1 month ago)
Ex-NSA bad-guy hunter listened to Scattered Spider's fake help-desk calls: 'Those guys are good'
Source: TheRegister
May 18th, 2025 (about 1 month ago)
🏴‍☠️ Medusa has just published a new victim : DSI Tech
Description: DSI Tech (founded in 1991) is a certified minority-owned small business that has grown into a it value-add reseller and service provider of industry vendor products and solutions. DSI Tech corporate office is located in 44670 Cape Ct Ste 100, Ashburn, Virginia, 20147, United States and has 223 employees. The total amount of data leakage is 399.10 GB
Source: Ransomware.live
May 18th, 2025 (about 1 month ago)