CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-13796	Post Grid and Gutenberg Blocks – ComboBlocks <= 2.3.6 - Unauthenticated User Information Exposure Description: The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.6 via the /wp-json/post-grid/v2/get_users REST API This makes it possible for unauthenticated attackers to extract sensitive data including including emails and other user data. CVSS: MEDIUM (5.3) EPSS Score: 0.02% Source: CVE February 28th, 2025 (4 months ago)
CVE-2025-1744	Out-of-bounds Write in radare2 Description: Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9. CVSS: CRITICAL (10.0) EPSS Score: 0.05% Source: CVE February 28th, 2025 (4 months ago)
	Multiple vulnerabilities in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) Description: FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) provided by Century Systems Co., Ltd. contain multiple vulnerabilities. Source: Japan Vulnerability Notes (JVN) February 28th, 2025 (4 months ago)
	Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators Source: TheRegister February 28th, 2025 (4 months ago)
	Targeted by Ransomware, Middle East Banks Shore Up Security Description: As the UAE financial sector finished up its annual cyberattack exercise, its worries about ransomware compromises and geopolitical attacks are on the rise. Source: Dark Reading February 28th, 2025 (4 months ago)
CVE-2025-23225	IBM MQ denial of service Description: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to cause a denial of service due to the improper handling of invalid headers sent to the queue. CVSS: MEDIUM (6.5) EPSS Score: 0.04% Source: CVE February 28th, 2025 (4 months ago)
CVE-2025-0975	IBM MQ code execution Description: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters. CVSS: HIGH (8.8) EPSS Score: 0.07% Source: CVE February 28th, 2025 (4 months ago)
CVE-2025-0823	IBM MQ path traversal Description: IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. CVSS: MEDIUM (6.5) EPSS Score: 0.05% Source: CVE February 28th, 2025 (4 months ago)
CVE-2024-56340	IBM MQ path traversal Description: IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion vulnerability, allowing an attacker to access sensitive files by inserting path traversal payloads inside the deficon parameter. CVSS: MEDIUM (6.5) EPSS Score: 0.03% Source: CVE February 28th, 2025 (4 months ago)
CVE-2024-54173	IBM MQ information disclosure Description: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensitive information in trace files that could be read by a local user when webconsole trace is enabled. CVSS: MEDIUM (4.7) EPSS Score: 0.01% Source: CVE February 28th, 2025 (4 months ago)