CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-26789 |
Description: An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerability caused by limited access controls allowed li-admin users to access sensitive information about AgentX Manager in a Logpoint deployment.
CVSS: MEDIUM (6.9) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-26788 |
Description: StrongKey FIDO Server before 4.15.1 treats a non-discoverable (namedcredential) flow as a discoverable transaction.
CVSS: HIGH (8.4) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-26524 |
Description: This vulnerability exists in RupeeWeb trading platform due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombing/ flooding on the targeted system.
CVSS: MEDIUM (5.1) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-26523 |
Description: This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vulnerability could allow an authenticated remote attacker to modify information belonging to other user accounts.
CVSS: HIGH (7.4) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-26522 |
Description: This vulnerability exists in RupeeWeb trading platform due to improper implementation of OTP validation mechanism in certain API endpoints. A remote attacker with valid credentials could exploit this vulnerability by manipulating API responses.
Successful exploitation of this vulnerability could allow the attacker to bypass Two-Factor Authentication (2FA) for other user accounts.
CVSS: HIGH (7.5) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-26519 |
Description: musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8.
CVSS: HIGH (8.1) EPSS Score: 0.05%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-26508 |
Description: Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVSS: HIGH (8.3) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-26507 |
Description: Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVSS: MEDIUM (6.3) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-26506 |
Description: Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVSS: CRITICAL (9.2) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|
|
CVE-2025-26158 |
Description: A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management System V1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the department parameter.
CVSS: MEDIUM (5.6) EPSS Score: 0.04%
February 15th, 2025 (5 months ago)
|