CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-53704 |
Description: SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.
February 18th, 2025 (5 months ago)
|
|
CVE-2025-0108 |
Description: Palo Alto PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts.
CVSS: HIGH (8.8) EPSS Score: 96.76%
February 18th, 2025 (5 months ago)
|
|
Description: The Chinese APT hacking group "Mustang Panda" has been spotted abusing the Microsoft Application Virtualization Injector utility as a LOLBIN to inject malicious payloads into legitimate processes to evade detection by antivirus software. [...]
February 18th, 2025 (5 months ago)
|
|
CVE-2024-1062 |
Description:
Nessus Plugin ID 216404 with High Severity
Synopsis
The remote Red Hat host is missing one or more security updates for redhat-ds:11.
Description
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1632 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration. Security Fix(es): * 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr) (CVE-2024-1062) * 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solu...
February 18th, 2025 (5 months ago)
|
|
CVE-2025-24032 |
Description:
Nessus Plugin ID 216405 with Critical Severity
Synopsis
The remote Debian host is missing a security-related update.
Description
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4058 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4058-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 18, 2025 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : pam-pkcs11 Version : 0.6.11-4+deb11u1 CVE ID : CVE-2025-24032 A vulnerability was discovered in pam-pkcs11, a PAM module which allows to use PKCS#11 based smart cards in the PAM authentication stack, which may allow to bypass the authentication in some scenarios. For Debian 11 bullseye, this problem has been fixed in version 0.6.11-4+deb11u1. We recommend that you upgrade your pam-pkcs11 packages. For the detailed security status of pam-pkcs11 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pam-pkcs11 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTSTenable ha...
CVSS: CRITICAL (9.2) EPSS Score: 0.05%
February 18th, 2025 (5 months ago)
|
|
CVE-2025-26465 |
Description:
Nessus Plugin ID 216406 with High Severity
Synopsis
The remote Debian host is missing a security-related update.
Description
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4057 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4057-1 [email protected] https://www.debian.org/lts/security/ Colin Watson February 18, 2025 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : openssh Version : 1:8.4p1-5+deb11u4 CVE ID : CVE-2025-26465 The Qualys Threat Research Unit (TRU) discovered that the OpenSSH client is vulnerable to a machine-in-the-middle attack if the VerifyHostKeyDNS option is enabled (disabled by default). Details can be found in the Qualys advisory at https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt For Debian 11 bullseye, this problem has been fixed in version 1:8.4p1-5+deb11u4. We recommend that you upgrade your openssh packages. For the detailed security status of openssh please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssh Further information about Debian LTS security advisories, how to apply these updates to your system and frequently...
EPSS Score: 11.5%
February 18th, 2025 (5 months ago)
|
|
CVE-2025-26465 |
Description:
Nessus Plugin ID 216407 with High Severity
Synopsis
The remote Debian host is missing a security-related update.
Description
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5868 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5868-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 18, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssh CVE ID : CVE-2025-26465 The Qualys Threat Research Unit (TRU) discovered that the OpenSSH client is vulnerable to a machine-in-the-middle attack if the VerifyHostKeyDNS option is enabled (disabled by default). Details can be found in the Qualys advisory at https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt For the stable distribution (bookworm), this problem has been fixed in version 1:9.2p1-2+deb12u5. We recommend that you upgrade your openssh packages. For the detailed security status of openssh please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssh Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be...
EPSS Score: 11.5%
February 18th, 2025 (5 months ago)
|
|
CVE-2024-29018 |
Description:
Nessus Plugin ID 216408 with Critical Severity
Synopsis
The remote Ubuntu host is missing one or more security updates.
Description
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7161-2 advisory. USN-7161-1 fixed CVE-2024-29018 in Ubuntu 24.04 LTS. This update fixes it in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. USN-7161-1 fixed CVE-2024-41110 in Ubuntu 24.10, Ubuntu 24.04 LTS, and Ubuntu 18.04 LTS. This updates fixes it in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.Tenable has extracted the preceding description block directly from the Ubuntu security advisory.Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected docker.io package.
Read more at https://www.tenable.com/plugins/nessus/216408
CVSS: MEDIUM (5.9)
February 18th, 2025 (5 months ago)
|
|
CVE-2024-20312 |
Description:
Nessus Plugin ID 216409 with High Severity
Synopsis
The remote device is missing a vendor-supplied security patch
Description
According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and have formed an adjacency. (CVE-2024-20312)Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Solution
Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwf54007
Read more at https://www.tenable.com/plugins/nessus/216409
CVSS: HIGH (7.4)
February 18th, 2025 (5 months ago)
|
|
CVE-2024-20312 |
Description:
Nessus Plugin ID 216410 with High Severity
Synopsis
The remote device is missing a vendor-supplied security patch
Description
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and have formed an adjacency. (CVE-2024-20312)Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Solution
Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwf54007
Read more at https://www.tenable.com/plugins/nessus/216410
CVSS: HIGH (7.4)
February 18th, 2025 (5 months ago)
|