CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-24768	WordPress Nitan <= 2.9 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Nitan allows PHP Local File Inclusion. This issue affects Nitan: from n/a through 2.9. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (16 days ago)
CVE-2025-24767	WordPress TicketBAI Facturas para WooCommerce <= 3.19 - SQL Injection Vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Blind SQL Injection. This issue affects TicketBAI Facturas para WooCommerce: from n/a through 3.19. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE June 9th, 2025 (16 days ago)
CVE-2025-23974	WordPress One-Login <= 1.4 - Privilege Escalation Vulnerability Description: Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation. This issue affects One-Login: from n/a through 1.4. CVSS: HIGH (8.1) EPSS Score: 0.05% Source: CVE June 9th, 2025 (16 days ago)
CVE-2024-31585	FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability... Description: FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. CVSS: MEDIUM (5.3) EPSS Score: 0.03% SSVC Exploitation: none Source: CVE June 9th, 2025 (16 days ago)
	Sensata Technologies says personal data stolen by ransomware gang Description: Sensata Technologies is warning former and current employees it suffered a data breach after concluding an investigation into an April ransomware attack. [...] Source: BleepingComputer June 9th, 2025 (16 days ago)
	Alleged data breach of IMS Consultores Description: Alleged data breach of IMS Consultores Source: DarkWebInformer June 9th, 2025 (16 days ago)
	🏴‍☠️ Akira has just published a new victim : NyN Description: NyN is a real estate developer in Barcelona and provinces. We are going to upload about 30 GB of corporate data. Lots of fin ancial data of almost all of their hotels and other divisions, in ternal correspondence, a bit of personal files of employees, lots of contracts and agreements, clients data, NDAs, etc. Source: Ransomware.live June 9th, 2025 (16 days ago)
	RipperSec Targeted the Website of Vice President of India Description: RipperSec Targeted the Website of Vice President of India Source: DarkWebInformer June 9th, 2025 (16 days ago)
	What 7,000+ NodeZero RAT Attempts Show Us About Cyber Security Description: Discover how NodeZero's autonomous RAT operates, why credentials dominate post-exploitation, and what it means for your cyber defense. Source: Horizon3.ai Attack Research June 9th, 2025 (16 days ago)
CVE-2025-5885	Konica Minolta bizhub cross-site request forgery Description: A vulnerability has been found in Konica Minolta bizhub up to 20250202 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. In Konica Minolta bizhub bis 20250202 wurde eine problematische Schwachstelle gefunden. Das betrifft eine unbekannte Funktionalität. Durch Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. CVSS: MEDIUM (5.3) EPSS Score: 0.02% Source: CVE June 9th, 2025 (16 days ago)