CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-25221	A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload... Description: A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php. EPSS Score: 0.15% SSVC Exploitation: poc Source: CVE May 12th, 2025 (about 2 months ago)
CVE-2024-25220	Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php. Description: Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php. EPSS Score: 0.08% SSVC Exploitation: poc Source: CVE May 12th, 2025 (about 2 months ago)
CVE-2024-25211	Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the category parameter at /endpoint/delete_category.php. Description: Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the category parameter at /endpoint/delete_category.php. EPSS Score: 0.08% SSVC Exploitation: poc Source: CVE May 12th, 2025 (about 2 months ago)
	Trindel Insurance Fund falls victim to MEDUSA Ransomware Description: Trindel Insurance Fund falls victim to MEDUSA Ransomware Source: DarkWebInformer May 12th, 2025 (about 2 months ago)
	J43v3r Defaced the Website of Powerman International Description: J43v3r Defaced the Website of Powerman International Source: DarkWebInformer May 12th, 2025 (about 2 months ago)
	900 People Are Collectively Driving an 'Internet Roadtrip' on Google Street View Description: The new site is a cozy and chaotic sucessor to 'Twitch plays Pokémon. Source: 404 Media May 12th, 2025 (about 2 months ago)
	Google to pay Texas nearly $1.4 billion over alleged data privacy violations Description: The payout far outstrips any other state settlements against the tech giant over data privacy. Source: The Record May 12th, 2025 (about 2 months ago)
CVE-2025-26841	Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9 allows an attacker to execute arbitrary code via a file upload. Description: Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9 allows an attacker to execute arbitrary code via a file upload. EPSS Score: 0.04% Source: CVE May 12th, 2025 (about 2 months ago)
	Moldova arrests suspect linked to DoppelPaymer ransomware attacks Description: Moldovan authorities have detained a 45-year-old suspect linked to DoppelPaymer ransomware attacks targeting Dutch organizations in 2021. [...] Source: BleepingComputer May 12th, 2025 (about 2 months ago)
	ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files Description: ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution. DriverHub is a tool that's designed to automatically detect the motherboard model of a computer and display necessary driver updates for subsequent installation by communicating with a Source: TheHackerNews May 12th, 2025 (about 2 months ago)