Description: FutureSeeker Claims to have Leaked the Data of SkilloVilla
February 2nd, 2025 (5 months ago)
|
CVE-2019-19245 |
Description: Posted by hyp3rlinx on Feb 01
Updated SQL Injection CVE-2019-19245 exploit for Python3.
import requests,time,re,sys,argparse
#NAPC Xinet Elegant 6 Asset Library v6.1.655
#Pre-Auth SQL Injection 0day Exploit
#By hyp3rlinx
#ApparitionSec
#UPDATED: Jan 2024 for python3
#TODO: add SSL support
#===============================
#This will dump tables, usernames and passwords in vulnerable versions
#REQUIRE PARAMS:...
February 2nd, 2025 (5 months ago)
|
Description: Posted by David Fifield on Feb 01
I tested a few more times, and it appears the text injection has
disappeared.
These are timestamps when I tested, with offsets relative to the initial
discovery.
+0h 2025-01-28 03:00 initial discovery
+5h 2025-01-28 08:19 ?q=EgtoZWxsbyB3b3JsZA works
(https://archive.is/DD9xB)
+14h 2025-01-28 17:31 ?q=EgtoZWxsbyB3b3JsZA works
(no archive)
+45h...
February 2nd, 2025 (5 months ago)
|
Description: Posted by Apple Product Security via Fulldisclosure on Feb 01
APPLE-SA-01-30-2025-1 GarageBand 10.4.12
GarageBand 10.4.12 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121866.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
GarageBand
Available for: macOS Sonoma 14.4 and later
Impact: Processing a maliciously crafted image may lead to arbitrary...
February 2nd, 2025 (5 months ago)
|
Description: In October 2014, the (now defunct) Belgian gaming news forum 9Lives suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 109k unique email addresses along with usernames and salted MD5 password hashes.
February 2nd, 2025 (5 months ago)
|
CVE-2025-23091 |
Description: An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
February 2nd, 2025 (5 months ago)
|
CVE-2025-0961 |
Description: A vulnerability, which was classified as problematic, has been found in code-projects Job Recruitment 1.0. Affected by this issue is some unknown functionality of the file /_parse/load_job-details.php. The manipulation of the argument business_stream_name leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
February 2nd, 2025 (5 months ago)
|
CVE-2025-0950 |
Description: A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. This issue affects some unknown processing of the file staffview.php. The manipulation of the argument staffid leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
February 2nd, 2025 (5 months ago)
|