CyberAlerts

Command Injection Vulnerability - CyberAlerts View detailed information about CVE-2025-8876 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: Command Injection Vulnerability

CVE-2025-8876

N-able N-Central Command Injection Vulnerability - CyberAlerts View detailed information about CVE-2025-8876 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

: N-able N-Central Command Injection Vulnerability

CVE-2025-8876

RARLAB WinRAR Path Traversal Vulnerability - CyberAlerts View detailed information about CVE-2025-8088 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: RARLAB WinRAR Path Traversal Vulnerability

CVE-2025-8088

Path traversal vulnerability in WinRAR - CyberAlerts View detailed information about CVE-2025-8088 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: Path traversal vulnerability in WinRAR

CVE-2025-8088

D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability - CyberAlerts View detailed information about CVE-2020-25078 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability

CVE-2020-25078

The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged... - CyberAlerts View detailed information about CVE-2024-39717 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

MEDIUM: The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged...

CVE-2024-39717

Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code - CyberAlerts View detailed information about CVE-2024-38856 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

: Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code

CVE-2024-38856

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes. - CyberAlerts View detailed information about CVE-2024-37383 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

: Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.

CVE-2024-37383

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full... - CyberAlerts View detailed information about CVE-2024-37085 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

MEDIUM: VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full...

CVE-2024-37085

PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect - CyberAlerts View detailed information about CVE-2024-3400 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

CVE-2024-3400

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution... - CyberAlerts View detailed information about CVE-2024-32896 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...

CVE-2024-32896

D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection - CyberAlerts View detailed information about CVE-2024-3273 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection

CVE-2024-3273

D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials - CyberAlerts View detailed information about CVE-2024-3272 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials

CVE-2024-3272

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same... - CyberAlerts View detailed information about CVE-2024-29824 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same...

CVE-2024-29824

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution... - CyberAlerts View detailed information about CVE-2024-29748 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...

CVE-2024-29748

there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution... - CyberAlerts View detailed information about CVE-2024-29745 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

: there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution...

CVE-2024-29745

SolarWinds Serv-U L Directory Transversal Vulnerability - CyberAlerts View detailed information about CVE-2024-28995 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: SolarWinds Serv-U L Directory Transversal Vulnerability

CVE-2024-28995

SolarWinds Web Help Desk Hardcoded Credential Vulnerability - CyberAlerts View detailed information about CVE-2024-28987 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: SolarWinds Web Help Desk Hardcoded Credential Vulnerability

CVE-2024-28987

Information disclosure - CyberAlerts View detailed information about CVE-2024-24919 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: Information disclosure

CVE-2024-24919

Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by... - CyberAlerts View detailed information about CVE-2024-23897 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

: Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by...

CVE-2024-23897

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,... - CyberAlerts View detailed information about CVE-2024-23113 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,...

CVE-2024-23113

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and... - CyberAlerts View detailed information about CVE-2024-21893 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and...

CVE-2024-21893

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The... - CyberAlerts View detailed information about CVE-2024-21287 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The...

CVE-2024-21287

A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense... - CyberAlerts View detailed information about CVE-2024-20481 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

MEDIUM: A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...

CVE-2024-20481

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive... - CyberAlerts View detailed information about CVE-2024-20359 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

MEDIUM: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive...

CVE-2024-20359

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)... - CyberAlerts View detailed information about CVE-2024-20353 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)...

CVE-2024-20353

Authentication bypass using an alternate path or channel - CyberAlerts View detailed information about CVE-2024-1709 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: Authentication bypass using an alternate path or channel

CVE-2024-1709

LoadMaster Pre-Authenticated OS Command Injection - CyberAlerts View detailed information about CVE-2024-1212 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: LoadMaster Pre-Authenticated OS Command Injection

CVE-2024-1212

PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) - CyberAlerts View detailed information about CVE-2024-0012 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

CVE-2024-0012

PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability - CyberAlerts View detailed information about CVE-2023-2533 on CyberAlerts

🚨 New CISA Vulnerability Alert 🚨

HIGH: PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability

CVE-2023-2533