CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

CVE-2024-45778

Description: A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.

EPSS Score: 0.01%

Source: CVE
March 3rd, 2025 (4 months ago)

Description: A Threat Actor Claims to be Selling Admin Access to a Magento 2-Based Online Store in the UK
Source: DarkWebInformer
March 3rd, 2025 (4 months ago)

Description: Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as JavaGhost. TGR-UNK-0011 is known to
Source: TheHackerNews
March 3rd, 2025 (4 months ago)

🚨 Marked as known exploited on April 10th, 2025 (3 months ago).
Description: CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. [...]
Source: BleepingComputer
March 3rd, 2025 (4 months ago)

Description: A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havoc post-exploitation framework for remote access to compromised devices. [...]
Source: BleepingComputer
March 3rd, 2025 (4 months ago)

CVE-2025-27498

Description: aes-gcm is a pure Rust implementation of AES-GCM. In decrypt_in_place_detached, the decrypted ciphertext (which is the correct ciphertext) is exposed even if the tag is incorrect. This is because in decrypt_inplace in asconcore.rs, tag verification causes an error to be returned with the plaintext contents still in buffer. The vulnerability is fixed in 0.4.3.

CVSS: MEDIUM (5.6)

EPSS Score: 0.01%

Source: CVE
March 3rd, 2025 (4 months ago)

CVE-2025-27423

Description: Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, which allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows shell commands to be executed via specially crafted tar archives. Whether this really happens depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164.

CVSS: HIGH (7.1)

EPSS Score: 0.06%

Source: CVE
March 3rd, 2025 (4 months ago)

CVE-2025-27422

Description: FACTION is a PenTesting Report Generation and Collaboration Framework. Authentication is bypassed when an attacker registers a new user with admin privileges. This is possible at any time without any authorization. The request must follow the validation rules (no missing information, secure password, etc.) but there are no other controls stopping them. This vulnerability is fixed in 1.4.3.

CVSS: HIGH (7.5)

EPSS Score: 0.09%

Source: CVE
March 3rd, 2025 (4 months ago)

CVE-2025-27421

Description: Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events (SSE) implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and terminate associated goroutines. This leads to resource exhaustion where the server continues running but eventually stops accepting new SSE connections while maintaining high memory usage. The vulnerability specifically involves improper channel cleanup in the event handling mechanism, causing goroutines to remain blocked indefinitely. This vulnerability is fixed in 1.4.0.

CVSS: HIGH (7.5)

EPSS Score: 0.06%

SSVC Exploitation: poc

Source: CVE
March 3rd, 2025 (4 months ago)

CVE-2025-27420

Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the atendido_parentesco_adicionar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the descricao parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.16.

CVSS: MEDIUM (6.4)

EPSS Score: 0.06%

Source: CVE
March 3rd, 2025 (4 months ago)