CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24431 |
Description: Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.02% SSVC Exploitation: none
March 11th, 2025 (4 months ago)
|
|
CVE-2025-24201 |
Description: An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
EPSS Score: 0.19%
March 11th, 2025 (4 months ago)
|
|
Description: Gaines County, Texas Falls Victim to Qilin Ransomware, Sensitive Government Data Exposed
March 11th, 2025 (4 months ago)
|
|
Description: Microsoft has released the KB5053606 cumulative update for Windows 10 22H2 and Windows 10 21H2, which fixes numerous bugs, including one preventing SSH connections. [...]
March 11th, 2025 (4 months ago)
|
|
Description: Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in "extremely sophisticated" attacks. [...]
March 11th, 2025 (4 months ago)
|
|
CVE-2025-27440 |
Description: Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
CVSS: HIGH (8.5) EPSS Score: 0.05% SSVC Exploitation: none
March 11th, 2025 (4 months ago)
|
|
CVE-2025-27439 |
Description: Buffer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
CVSS: HIGH (8.5) EPSS Score: 0.05%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-27179 |
Description: InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.02%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-27178 |
Description: InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: HIGH (7.8) EPSS Score: 0.03%
March 11th, 2025 (4 months ago)
|
|
CVE-2025-27177 |
Description: InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: HIGH (7.8) EPSS Score: 0.02%
March 11th, 2025 (4 months ago)
|