CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-13796

Description: The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/get_users REST API This makes it possible for unauthenticated attackers to extract sensitive data including including emails and other user data.

CVSS: MEDIUM (5.3)

EPSS Score: 0.02%

Source: CVE
February 28th, 2025 (4 months ago)

CVE-2025-1744

Description: Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.

CVSS: CRITICAL (10.0)

EPSS Score: 0.05%

Source: CVE
February 28th, 2025 (4 months ago)
Description: FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) provided by Century Systems Co., Ltd. contain multiple vulnerabilities.
Source: Japan Vulnerability Notes (JVN)
February 28th, 2025 (4 months ago)
Source: TheRegister
February 28th, 2025 (4 months ago)
Description: As the UAE financial sector finished up its annual cyberattack exercise, its worries about ransomware compromises and geopolitical attacks are on the rise.
Source: Dark Reading
February 28th, 2025 (4 months ago)

CVE-2025-23225

Description: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to cause a denial of service due to the improper handling of invalid headers sent to the queue.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
February 28th, 2025 (4 months ago)

CVE-2025-0975

Description: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters.

CVSS: HIGH (8.8)

EPSS Score: 0.07%

Source: CVE
February 28th, 2025 (4 months ago)

CVE-2025-0823

Description: IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE
February 28th, 2025 (4 months ago)

CVE-2024-56340

Description: IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion vulnerability, allowing an attacker to access sensitive files by inserting path traversal payloads inside the deficon parameter.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE
February 28th, 2025 (4 months ago)

CVE-2024-54173

Description: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensitive information in trace files that could be read by a local user when webconsole trace is enabled.

CVSS: MEDIUM (4.7)

EPSS Score: 0.01%

Source: CVE
February 28th, 2025 (4 months ago)