CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-5779 |
Description: A vulnerability has been found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /birthing.php. The manipulation of the argument itr_no/comp_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. In code-projects Patient Record Management System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /birthing.php. Dank Manipulation des Arguments itr_no/comp_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.3) EPSS Score: 0.03% SSVC Exploitation: poc
June 6th, 2025 (22 days ago)
|
|
CVE-2025-41646 |
Description: An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device
CVSS: CRITICAL (9.8) EPSS Score: 0.56%
June 6th, 2025 (22 days ago)
|
|
CVE-2025-27531 |
Description: Deserialization of Untrusted Data vulnerability in Apache InLong.
This issue affects Apache InLong: from 1.13.0 before 2.1.0,
this issue would allow an authenticated attacker to read arbitrary files by double writing the param.
Users are recommended to upgrade to version 2.1.0, which fixes the issue.
CVSS: CRITICAL (9.8) EPSS Score: 0.13%
June 6th, 2025 (22 days ago)
|
|
Description: Healthcare giant Kettering Health, which manages 14 medical centers in Ohio, confirmed that the Interlock ransomware group breached its network and stole data in a May cyberattack. [...]
June 6th, 2025 (22 days ago)
|
|
Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.0. The following CVEs are assigned: CVE-2025-5747.
EPSS Score: 0.17%
June 6th, 2025 (22 days ago)
|
|
|
Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 8.0. The following CVEs are assigned: CVE-2025-5748.
EPSS Score: 0.16%
June 6th, 2025 (22 days ago)
|
|
|
Description: This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.3. The following CVEs are assigned: CVE-2025-5749.
EPSS Score: 0.02%
June 6th, 2025 (22 days ago)
|
|
|
Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2025-5750.
EPSS Score: 0.09%
June 6th, 2025 (22 days ago)
|
|
|
Description: This vulnerability allows physically present attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.6. The following CVEs are assigned: CVE-2025-5751.
EPSS Score: 0.03%
June 6th, 2025 (22 days ago)
|
|
Description: Alleged data breach of Ministry of Health of Peru
June 6th, 2025 (22 days ago)
|