CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

Description: In June 2021, the (now defunct) gaming website HeatGames suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed almost 650k unique email addresses along with IP addresses, country and salted MD5 password hashes.
Source: HaveIBeenPwnedLatestBreaches
January 28th, 2025 (5 months ago)
Description: A new NCSC research paper aims to reduce the presence of ‘unforgivable’ vulnerabilities.
Source: NCSC Alerts and Advisories
January 28th, 2025 (5 months ago)
Description: Research from the NCSC designed to eradicate vulnerability classes and make the top-level mitigations easier to implement.
Source: NCSC Alerts and Advisories
January 28th, 2025 (5 months ago)
Description: Signal is rolling out a new feature that allows users to transfer their message history when linking their primary device to a new desktop or iPad. Previously, only new messages would sync to linked devices, but now users can bring their chats and up to 45 days of media along with them — all while … The post Signal Adds Encrypting Message History Sync for Linked Devices appeared first on CyberInsider.
Source: CyberInsider
January 28th, 2025 (5 months ago)
Source: TheRegister
January 28th, 2025 (5 months ago)

CVE-2024-55591

Description: Rapid7 is responding to two separate events affecting Fortinet firewall customers: Zero-day exploitation of CVE-2024-55591 in FortiOS, and a large-scale data leak of older FortiGate firewall IPs, passwords, and configs.

EPSS Score: 2.63%

Source: Rapid7
January 28th, 2025 (5 months ago)

CVE-2024-20342

Description: Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.&nbsp;<br><br> This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM</a><br><br> This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300">Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication</a>.<br><br> <br/...
Source: Cisco Security Advisory
January 28th, 2025 (5 months ago)

CVE-2025-20126

Description: A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.<br><br> This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20126

EPSS Score: 0.04%

Source: Cisco Security Advisory
January 28th, 2025 (5 months ago)

CVE-2025-20128

Description: A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br><br> This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.<br><br> For a description of this vulnerability, see the <a href="https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html">ClamAV blog</a>.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20128

EPSS Score: 0.04%

Source: Cisco Security Advisory
January 28th, 2025 (5 months ago)

CVE-2025-20156

Description: A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to <em>administrator </em>on an affected device.<br><br> This vulnerability exists because proper authorization is not enforced upon&nbsp;REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc" target="_blank" rel="noopener">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc</a><br><br> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2025-20156

EPSS Score: 0.05%

Source: Cisco Security Advisory
January 28th, 2025 (5 months ago)