CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-26309	A memory leak has been identified in the parseSWF_DEFINESCENEANDFRAMEDATA function in util/parser.c of libming v0.4.8, which allows attackers to... Description: A memory leak has been identified in the parseSWF_DEFINESCENEANDFRAMEDATA function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file. EPSS Score: 0.06% Source: CVE February 21st, 2025 (5 months ago)
CVE-2025-26308	A memory leak has been identified in the parseSWF_FILTERLIST function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial... Description: A memory leak has been identified in the parseSWF_FILTERLIST function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file. EPSS Score: 0.06% Source: CVE February 21st, 2025 (5 months ago)
CVE-2025-26307	A memory leak has been identified in the parseSWF_IMPORTASSETS2 function in util/parser.c of libming v0.4.8, which allows attackers to cause a... Description: A memory leak has been identified in the parseSWF_IMPORTASSETS2 function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file. EPSS Score: 0.06% Source: CVE February 21st, 2025 (5 months ago)
CVE-2025-26306	A memory leak has been identified in the readSizedString function in util/read.c of libming v0.4.8, which allows attackers to cause a denial of... Description: A memory leak has been identified in the readSizedString function in util/read.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted file. EPSS Score: 0.06% Source: CVE February 21st, 2025 (5 months ago)
CVE-2025-26305	A memory leak has been identified in the parseSWF_SOUNDINFO function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial... Description: A memory leak has been identified in the parseSWF_SOUNDINFO function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file. EPSS Score: 0.05% Source: CVE February 21st, 2025 (5 months ago)
CVE-2025-26304	A memory leak has been identified in the parseSWF_EXPORTASSETS function in util/parser.c of libming v0.4.8. Description: A memory leak has been identified in the parseSWF_EXPORTASSETS function in util/parser.c of libming v0.4.8. EPSS Score: 0.05% Source: CVE February 21st, 2025 (5 months ago)
CVE-2025-25973	A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute... Description: A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters. EPSS Score: 0.1% Source: CVE February 21st, 2025 (5 months ago)
CVE-2025-25968	DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive... Description: DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive information, such as system administrator credentials, by force browsing the endpoint and exploiting the 'file' parameter. By referencing specific files (e.g., cm3.xml), attackers can bypass access controls, leading to account takeover and potential privilege escalation. EPSS Score: 0.48% Source: CVE February 21st, 2025 (5 months ago)
CVE-2025-25960	Cross Site Scripting vulnerability in phpcmsv9 v.9.6.3 allows a remote attacker to escalate privileges via the menu interface of the member center... Description: Cross Site Scripting vulnerability in phpcmsv9 v.9.6.3 allows a remote attacker to escalate privileges via the menu interface of the member center of the background administrator. EPSS Score: 0.04% Source: CVE February 21st, 2025 (5 months ago)
CVE-2025-25958	Cross Site Scripting vulnerabilities in phpcmsv9 v.9.6.3 allows a remote attacker to escalate privileges via a crafted script. Description: Cross Site Scripting vulnerabilities in phpcmsv9 v.9.6.3 allows a remote attacker to escalate privileges via a crafted script. EPSS Score: 0.03% Source: CVE February 21st, 2025 (5 months ago)