CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Google has released emergency security updates to patch a high-severity Chrome vulnerability that has a public exploit and can let attackers hijack accounts. [...]
May 15th, 2025 (about 1 month ago)
|
|
May 15th, 2025 (about 1 month ago)
|
|
Description: Pgpool-II provided by PgPool Global Development Group contains an authentication bypass by primary weakness vulnerability.
May 15th, 2025 (about 1 month ago)
|
|
|
Description: Gardner Orthopedics is an orthopedic practice based in Fort Myers, Florida, offering a wide range of services including orthopedic surgery, regenerative medicine, and rehabilitation. The clinic specializes in treating various conditions related to bones, joints, ligaments, and muscles, with a focus on keeping patients active. Led by board-certified orthopedic surgeon Ronald Gardner, the facility caters to adult patients in need of orthopedic care. The organization aims to provide comprehensive solutions for injuries and ailments affecting the musculoskeletal system.
May 15th, 2025 (about 1 month ago)
|
CVE-2025-44879 |
Description: WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
EPSS Score: 0.33%
May 14th, 2025 (about 1 month ago)
|
|
CVE-2025-29691 |
Description: A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the userName parameter at /login/LoginsController.java.
EPSS Score: 0.03%
May 14th, 2025 (about 1 month ago)
|
|
CVE-2025-29690 |
Description: A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the outtype parameter at /address/AddrController.java.
EPSS Score: 0.03%
May 14th, 2025 (about 1 month ago)
|
|
CVE-2025-29688 |
Description: A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /daymanager/daymanageabilitycontroller.java.
EPSS Score: 0.03%
May 14th, 2025 (about 1 month ago)
|
|
CVE-2025-29686 |
Description: A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /inform/InformManageController.java.
EPSS Score: 0.03%
May 14th, 2025 (about 1 month ago)
|
|
CVE-2025-47886 |
Description: A cross-site request forgery (CSRF) vulnerability in Jenkins Cadence vManager Plugin 4.0.1-286.v9e25a_740b_a_48 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password.
EPSS Score: 0.02%
May 14th, 2025 (about 1 month ago)
|