CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Description: ffi::nstr() should be marked unsafe, since a pointer to a buffer without a trailing 0 value will cause a heap buffer overflow.
References:
https://gitlab.redox-os.org/redox-os/uefi/-/commit/b711d47e815665b0ec8949e39292ad8e3fdd0756
https://rustsec.org/advisories/RUSTSEC-2025-0032.html
https://github.com/advisories/GHSA-58xc-hpvq-8473
Source: Github Advisory Database (Rust)
May 6th, 2025 (about 2 months ago)
Description: Katie Sutton, nominated to serve as assistant secretary of defense for cyber policy, told lawmakers that the U.S. needs to be able to effectively respond to cyberattacks.
Source: The Record
May 6th, 2025 (about 2 months ago)
Description: Alleged Sale of Confidential Pakistan Defense Production Data, Including Strategic Plans with China and Turkey
Source: DarkWebInformer
May 6th, 2025 (about 2 months ago)
Description: Alleged Sale of Unauthorized Admin Access to a WooCommerce-based Online Store in the UK
Source: DarkWebInformer
May 6th, 2025 (about 2 months ago)
Description: A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store. When this stored data is later included in web pages without adequate sanitization, malicious scripts can execute in the context of users who view these pages, leading to potential data theft, session hijacking, or other malicious activities.
Impact: Cross-site scripting (XSS) vulnerability in the management console.
Patches: Fixed in HAL 3.7.11.Final
Workarounds: No workaround available
References:
https://github.com/hal/console/security/advisories/GHSA-f7jh-m6wp-jm7f
https://nvd.nist.gov/vuln/detail/CVE-2025-2901
https://github.com/hal/console/commit/216de3b8aa82ea92df10cc296d88c68467cf2c52
https://access.redhat.com/security/cve/CVE-2025-2901
https://bugzilla.redhat.com/show_bug.cgi?id=2355685
https://github.com/hal/console/releases/tag/v3.7.11
https://github.com/advisories/GHSA-f7jh-m6wp-jm7f
Source: Github Advisory Database (Maven)
May 6th, 2025 (about 2 months ago)
Description: 404 Media reported on Sunday a hacker had got users' messages and group chats from TeleMessage. Now Senator Ron Wyden is demanding an investigation.
Source: 404 Media
May 6th, 2025 (about 2 months ago)

CVE-2025-44900

Description: In Tenda RX3 V1.0br_V16.03.13.11, manipulating the mac parameter of the GetParentControlInfo function at the web URL /goform/GetParentControlInfo leads to a stack overflow.

EPSS Score: 0.04%

Source: CVE
May 6th, 2025 (about 2 months ago)
Description: Balance Diagnostics falls victim to Everest Ransomware
Source: DarkWebInformer
May 6th, 2025 (about 2 months ago)
Source: TheRegister
May 6th, 2025 (about 2 months ago)
Description: [AI generated] Balance Diagnostics is a medical technology company that specializes in developing advanced healthcare technologies for the diagnosis and treatment of balance disorders. These include dizziness, vertigo, and other balance-related health problems. The company's proprietary diagnostic tools and technologies are used by healthcare professionals all over the world to improve patient outcomes.
Source: Ransomware.live
May 6th, 2025 (about 2 months ago)