Description: The Arkana Security extortion gang briefly listed over the weekend what appeared to be newly stolen Ticketmaster data but is instead the data stolen during the 2024 Snowflake data theft attacks. [...]
June 9th, 2025 (4 days ago)
CVE-2025-5898
Description: A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parse_variables_option of the file utilities/pspp-convert.c. The manipulation leads to an out-of-bounds write. The attack must be carried out locally. The exploit has been disclosed to the public and may be used.
CVSS: MEDIUM (5.3) EPSS Score: 0.01%
June 9th, 2025 (4 days ago)
CVE-2025-49141
Description: HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.3, the `gitImportSite` functionality obtains a URL string from a POST request and insufficiently validates user input. The `set_remote` function later passes this input into `proc_open`, yielding OS command injection. An authenticated attacker can craft a URL string that bypasses the validation checks employed by the `filter_var` and `strpos` functions in order to execute arbitrary OS commands on the backend server. The attacker can exfiltrate command output via an HTTP request. Version 11.0.3 contains a patch for the issue.
CVSS: HIGH (8.6) EPSS Score: 0.22%
June 9th, 2025 (4 days ago)
CVE-2025-49140
Description: Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in an RTP packet factory that can be exploited to trigger a panic in a Pion-based SFU via crafted RTP packets. This only affects users that use pion/interceptor. Users should upgrade to v0.1.39 or later, which validates that `padLen > 0 && padLen <= payloadLength` and returns an error on overflow instead of panicking. If upgrading is not possible, apply the patch from the pull request manually or drop packets whose P-bit is set but whose padLen is zero or larger than the remaining payload.
CVSS: HIGH (7.5) EPSS Score: 0.04%
June 9th, 2025 (4 days ago)
CVE-2025-49139
Description: HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, in the HAX site editor, users can create a website block to load another site in an iframe. The application allows users to supply a target URL in the website block. When the HAX site is visited, the client's browser will query the supplied URL. An authenticated attacker can create a HAX site with a website block pointing at an attacker-controlled server running Responder or a similar tool. The attacker can then conduct a phishing attack by convincing another user to visit their malicious HAX site to harvest credentials. Version 11.0.0 contains a patch for the issue.
CVSS: MEDIUM (5.3) EPSS Score: 0.03%
June 9th, 2025 (4 days ago)
CVE-2025-49138
Description: HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, an authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location field written into site.json. This enables attackers to exfiltrate sensitive system files such as /etc/passwd, application secrets, or configuration files accessible to the web server (www-data). The vulnerability stems from the way the HAXCMS backend handles the location field in the site's outline. When a user sends a POST request to /system/api/saveOutline, the backend stores the provided location value directly into the site.json file associated with the site, without validating or sanitizing the input. Later the location parameter is interpreted by the CMS to resolve and load the content for a given node. If the location field contains a relative path like `../../../etc/passwd`, the application will attempt to read and render that file. Version 11.0.0 fixes the issue.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
June 9th, 2025 (4 days ago)
Description: Threat Attack Daily - 9th of June 2025
June 9th, 2025 (4 days ago)
Description: [AI generated] "Electro-Seal" specializes in inspection, maintenance and repair services for the oil and gas industry. They focus on deploying safe, efficient, and cost-effective solutions to manage asset integrity and longevity. The company offers an extensive range of services including pipeline inspections, corrosion protection, industrial coatings, and risk assessments. Their mission is to ensure continuous operation of assets by minimizing downtime and optimizing productivity.
June 9th, 2025 (4 days ago)
Description: Ransomware Attack Update for the 9th of June 2025
June 9th, 2025 (4 days ago)
Description: The AI company's investigative team found that many accounts were using the program to engage in malicious activity around the world, such as employment schemes, social engineering, and cyber espionage.
June 9th, 2025 (4 days ago)