CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-24770	WordPress CraftXtore <= 1.7 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme CraftXtore allows PHP Local File Inclusion. This issue affects CraftXtore: from n/a through 1.7. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (16 days ago)
CVE-2025-24768	WordPress Nitan <= 2.9 - Local File Inclusion Vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Nitan allows PHP Local File Inclusion. This issue affects Nitan: from n/a through 2.9. CVSS: HIGH (8.1) EPSS Score: 0.15% Source: CVE June 9th, 2025 (16 days ago)
CVE-2025-24767	WordPress TicketBAI Facturas para WooCommerce <= 3.19 - SQL Injection Vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Blind SQL Injection. This issue affects TicketBAI Facturas para WooCommerce: from n/a through 3.19. CVSS: CRITICAL (9.3) EPSS Score: 0.04% Source: CVE June 9th, 2025 (16 days ago)
CVE-2025-23974	WordPress One-Login <= 1.4 - Privilege Escalation Vulnerability Description: Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation. This issue affects One-Login: from n/a through 1.4. CVSS: HIGH (8.1) EPSS Score: 0.05% Source: CVE June 9th, 2025 (16 days ago)
CVE-2024-31585	FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability... Description: FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. CVSS: MEDIUM (5.3) EPSS Score: 0.03% SSVC Exploitation: none Source: CVE June 9th, 2025 (16 days ago)
	Sensata Technologies says personal data stolen by ransomware gang Description: Sensata Technologies is warning former and current employees it suffered a data breach after concluding an investigation into an April ransomware attack. [...] Source: BleepingComputer June 9th, 2025 (16 days ago)
	Alleged data breach of IMS Consultores Description: Alleged data breach of IMS Consultores Source: DarkWebInformer June 9th, 2025 (16 days ago)
	🏴‍☠️ Akira has just published a new victim : NyN Description: NyN is a real estate developer in Barcelona and provinces. We are going to upload about 30 GB of corporate data. Lots of fin ancial data of almost all of their hotels and other divisions, in ternal correspondence, a bit of personal files of employees, lots of contracts and agreements, clients data, NDAs, etc. Source: Ransomware.live June 9th, 2025 (16 days ago)
	RipperSec Targeted the Website of Vice President of India Description: RipperSec Targeted the Website of Vice President of India Source: DarkWebInformer June 9th, 2025 (16 days ago)
	What 7,000+ NodeZero RAT Attempts Show Us About Cyber Security Description: Discover how NodeZero's autonomous RAT operates, why credentials dominate post-exploitation, and what it means for your cyber defense. Source: Horizon3.ai Attack Research June 9th, 2025 (16 days ago)