
Threat and Vulnerability Intelligence Database

Description: A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical information to other cybercriminals. [...]
Source: BleepingComputer
January 16th, 2025 (6 months ago)

CVE-2025-23061

Description: Mongoose before 8.9.5 can improperly use a nested $where filter with a populate() match, leading to search injection. NOTE: this issue exists because of an incomplete fix for CVE-2024-53900.

CVSS: CRITICAL (9.0)

EPSS Score: 0.05%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2025-23040

Description: GitHub Desktop is an open-source Electron-based GitHub app designed for git development. An attacker who convinces a user to clone a repository, directly or through a submodule, can gain access to the user's credentials through the use of a maliciously crafted remote URL. GitHub Desktop relies on Git to perform all network-related operations (such as cloning, fetching, and pushing). When a user attempts to clone a repository, GitHub Desktop invokes `git clone`, and when Git encounters a remote that requires authentication it requests the credentials for that remote host from GitHub Desktop using the git-credential protocol. Using a maliciously crafted URL, it is possible to cause the credential request coming from Git to be misinterpreted by GitHub Desktop such that it sends credentials for a different host than the one Git is currently communicating with, thereby allowing secret exfiltration. The GitHub username and OAuth token, or credentials for other Git remote hosts stored in GitHub Desktop, could be improperly transmitted to an unrelated host. Users should update to GitHub Desktop 3.4.12 or greater, which fixes this vulnerability. Users who suspect they may be affected should revoke any relevant credentials.

CVSS: MEDIUM (6.6)

EPSS Score: 0.05%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2025-23013

Description: In Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. This product implements a Pluggable Authentication Module (PAM) that can be deployed to support authentication using a YubiKey or other FIDO-compliant authenticators on macOS or Linux. This software package has an issue that allows for an authentication bypass in some configurations. An attacker would require the ability to access the system as an unprivileged user. Depending on the configuration, the attacker may also need to know the user's password.

CVSS: HIGH (7.3)

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2025-22997

Description: A stored cross-site scripting (XSS) vulnerability in the prf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2025-22996

Description: A stored cross-site scripting (XSS) vulnerability in the spf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2025-22976

Description: SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code because the shopId parameter of the "checkOrder.php" module does not filter its content correctly.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2025-22968

Description: An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using the root account without restrictions.

EPSS Score: 0.05%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2025-22964

Description: SQL Injection vulnerability in DDSN Net Pty Ltd (DDSN Interactive) DDSN Interactive cm3 Acora CMS 10.1.1 allows an attacker to execute arbitrary code via the table parameter.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2025-22799

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Vertim Coders Neon Product Designer allows SQL Injection. This issue affects Neon Product Designer: from n/a through 2.1.1.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)