CVE-2025-52995
Description: File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.10, the implementation of the allowlist is erroneous, allowing a user to execute more shell commands than they are authorized for. The concrete impact of this vulnerability depends on the commands configured and the binaries installed on the server or in the container image. Due to the missing separation of scopes on the OS level, this could give an attacker access to all files managed by the application, including the File Browser database. This issue has been patched in version 2.33.10.
CVSS: HIGH (8.0) EPSS Score: 0.07%
June 30th, 2025 (17 days ago)
CVE-2025-52901
Description: File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.9, access tokens are used as GET parameters. The JSON Web Token (JWT) which is used as a session identifier will get leaked to anyone having access to the URLs accessed by the user. This will give an attacker full access to a user's account and, in consequence, to all sensitive files the user has access to. This issue has been patched in version 2.33.9.
CVSS: MEDIUM (4.5) EPSS Score: 0.07%
June 30th, 2025 (17 days ago)
CVE-2025-52491
Description: Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF.
CVSS: MEDIUM (5.8) EPSS Score: 0.04%
June 30th, 2025 (17 days ago)
CVE-2025-49493
Description: Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
CVSS: MEDIUM (5.8) EPSS Score: 1.02%
June 30th, 2025 (17 days ago)
Description:
Impact
Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID.
For the attack to succeed, the attacker needs a user account in Graylog. They can then proceed to issue hand-crafted requests to the Graylog REST API and exploit a weak permission check for token creation.
Workarounds
In Graylog version 6.2.0 and above, regular users can be restricted from creating API tokens. The respective configuration can be found in System > Configuration > Users > "Allow users to create personal access tokens". This option should be Disabled, so that only administrators are allowed to create tokens.
Recommended Actions
After upgrading Graylog from a vulnerable version to a patched version, administrators are advised to perform the following steps to ensure the integrity of their system:
Review API tokens
An overview of all existing API tokens is available at System > Users and Teams > Token Management. Please review this list carefully and ensure each token is there for a reason.
Check Audit Log (Graylog Enterprise only)
Graylog Enterprise provides an audit log that can be used to review which API tokens were created when the system was vulnerable. Please search the Audit Log for action:create token and match the Actor with the user for whom the token was created. In most cases this should be the same user, but there might be legitimate reasons for users to be allowed to create to...
June 30th, 2025 (17 days ago)
Description: The Justice Department announced a coordinated action to disrupt a Pyongyang campaign to get North Koreans hired at U.S.-based companies.
June 30th, 2025 (17 days ago)
Description: The vulnerabilities, which have yet to be published, could allow a threat actor to hijack not only Bluetooth earbuds and headphones but also the devices connected to them.
June 30th, 2025 (17 days ago)
CVE-2025-6925
Description: A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS: MEDIUM (5.3) EPSS Score: 0.08% SSVC Exploitation: poc
June 30th, 2025 (17 days ago)
CVE-2025-6879
Description: A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add-tax.php. The manipulation of the argument Name leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS: MEDIUM (6.3) EPSS Score: 0.04% SSVC Exploitation: poc
June 30th, 2025 (17 days ago)
CVE-2025-6878
Description: A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/search-appointment.php. The manipulation of the argument searchdata leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS: MEDIUM (6.3) EPSS Score: 0.04% SSVC Exploitation: poc
June 30th, 2025 (17 days ago)