CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-43550 |
Description: Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: HIGH (7.8) EPSS Score: 0.03% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|
|
CVE-2025-41657 |
Description: Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.
CVSS: MEDIUM (4.3) EPSS Score: 0.02% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|
|
CVE-2025-40662 |
Description: Absolute path disclosure vulnerability in DM Corporative CMS. This vulnerability allows an attacker to view the contents of webroot/file, if navigating to a non-existent file.
CVSS: MEDIUM (6.9) EPSS Score: 0.06% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|
|
CVE-2025-40661 |
Description: An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp.
CVSS: MEDIUM (6.9) EPSS Score: 0.05% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|
|
CVE-2025-40660 |
Description: An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0.
CVSS: MEDIUM (6.9) EPSS Score: 0.05% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|
|
CVE-2025-40659 |
Description: An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp.
CVSS: MEDIUM (6.9) EPSS Score: 0.05% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|
|
CVE-2025-40658 |
Description: An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp.
CVSS: MEDIUM (6.9) EPSS Score: 0.05% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|
|
CVE-2025-40657 |
Description: A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the codform parameter in /modules/forms/collectform.asp.
CVSS: CRITICAL (9.3) EPSS Score: 0.04% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|
|
CVE-2025-40656 |
Description: A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the cod parameter in /administer/node-selection/data.asp.
CVSS: CRITICAL (9.3) EPSS Score: 0.04% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|
|
CVE-2025-40655 |
Description: A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name parameter in /antcatalogue.asp.
CVSS: CRITICAL (9.3) EPSS Score: 0.04% SSVC Exploitation: none
June 10th, 2025 (7 days ago)
|