CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2021-32419 |
Description:
Nessus Plugin ID 223934 with Medium Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c. (CVE-2021-32419)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/223934
CVSS: MEDIUM (5.3)
March 5th, 2025 (4 months ago)
|
|
CVE-2021-30661 |
🚨 Marked as known exploited on April 10th, 2025 (3 months ago).
Description:
Nessus Plugin ID 223935 with High Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/223935
CVSS: HIGH (8.8)
March 5th, 2025 (4 months ago)
|
|
CVE-2021-3155 |
Description:
Nessus Plugin ID 223936 with Medium Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1 (CVE-2021-3155)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/223936
CVSS: LOW (3.8)
March 5th, 2025 (4 months ago)
|
|
CVE-2021-35196 |
Description:
Nessus Plugin ID 223937 with High Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a crafted settings.pickle file in a project file, because there is insecure deserialization via the pickle.load() function in settings.py. NOTE: the vendor's position is that the product is not intended for opening an untrusted project file (CVE-2021-35196)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/223937
CVSS: HIGH (7.8)
March 5th, 2025 (4 months ago)
|
|
CVE-2021-32136 |
Description:
Nessus Plugin ID 223938 with High Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. (CVE-2021-32136)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/223938
CVSS: HIGH (7.8)
March 5th, 2025 (4 months ago)
|
|
Description: Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems.
"The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers
March 5th, 2025 (4 months ago)
|
|
CVE-2025-27685 |
Description: Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Configuration File Contains CA & Private Key V-2022-001.
EPSS Score: 0.02%
March 5th, 2025 (4 months ago)
|
|
CVE-2025-27684 |
Description: Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Debug Bundle Contains Sensitive Data V-2022-003.
EPSS Score: 0.04%
March 5th, 2025 (4 months ago)
|
|
CVE-2025-27683 |
Description: Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Driver Unrestricted Upload of File with Dangerous Type V-2022-006.
EPSS Score: 0.05%
March 5th, 2025 (4 months ago)
|
|
CVE-2025-27682 |
Description: Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Insecure Log Permissions V-2022-005.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
March 5th, 2025 (4 months ago)
|