CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2017-3066 |
Description: Adobe ColdFusion contains a deserialization vulnerability in the Apache BlazeDS library that allows for arbitrary code execution.
CVSS: CRITICAL (9.8)
February 24th, 2025 (4 months ago)
|
|
CVE-2024-20953 |
Description: Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the system.
CVSS: HIGH (8.8) EPSS Score: 4.2%
February 24th, 2025 (4 months ago)
|
|
Description: Only by addressing the inefficiencies of current naming conventions can we create a safer, more resilient landscape for all defenders.
February 24th, 2025 (4 months ago)
|
|
|
Description: A Threat Actor Claims to have Leaked the Data of Washington Secretary of State Elections Division
February 24th, 2025 (4 months ago)
|
|
|
|
|
CVE-2025-1632 |
Description: A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Es wurde eine Schwachstelle in libarchive bis 3.7.7 ausgemacht. Sie wurde als problematisch eingestuft. Betroffen hiervon ist die Funktion list der Datei bsdunzip.c. Durch Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: LOW (3.3) EPSS Score: 0.02%
February 24th, 2025 (4 months ago)
|
|
CVE-2025-1599 |
Description: A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/app/profile_crud.php. The manipulation of the argument old_cat_img leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Eine problematische Schwachstelle wurde in SourceCodester Best Church Management Software 1.0 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /admin/app/profile_crud.php. Dank Manipulation des Arguments old_cat_img mit unbekannten Daten kann eine path traversal: '../filedir'-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (5.3) EPSS Score: 0.13% SSVC Exploitation: poc
February 24th, 2025 (4 months ago)
|
|
CVE-2025-0545 |
Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tekrom Technology T-Soft E-Commerce allows Cross-Site Scripting (XSS).This issue affects T-Soft E-Commerce: before v5.
CVSS: MEDIUM (4.7) EPSS Score: 0.05%
February 24th, 2025 (4 months ago)
|
|
CVE-2024-5174 |
Description: A flaw in Gliffy results in broken authentication through the reset functionality of the application.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
February 24th, 2025 (4 months ago)
|
|
|
Description: For $4.99, you too could buy "SUMMARY OF JOSEPH COX’S DARK WIRE." It's contents might be AI-generated.
February 24th, 2025 (4 months ago)
|