CVE Alert: CVE-2025-3902
Vulnerability Summary: CVE-2025-3902 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Block Class allows Cross-Site...
Month: April 2025
CVE Alert: CVE-2025-3900
Vulnerability Summary: CVE-2025-3900 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Colorbox allows Cross-Site Scripting...
CVE Alert: CVE-2025-3904
Vulnerability Summary: CVE-2025-3904 Vulnerability in Drupal Sportsleague.This issue affects Sportsleague: *.*. Affected Endpoints: No affected endpoints listed. Published Date: 4/23/2025,...
CVE Alert: CVE-2025-2771
Vulnerability Summary: CVE-2025-2771 BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected...
CVE Alert: CVE-2025-2770
Vulnerability Summary: CVE-2025-2770 BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose...
CVE Alert: CVE-2025-2772
Vulnerability Summary: CVE-2025-2772 BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose...
CVE Alert: CVE-2025-3907
Vulnerability Summary: CVE-2025-3907 Cross-Site Request Forgery (CSRF) vulnerability in Drupal Search API Solr allows Cross Site Request Forgery.This issue affects...
[NIGHTSPIRE] – Ransomware Victim: MFR CULTIVONS LES REUSSITES, France
Ransomware Group: NIGHTSPIRE VICTIM NAME: MFR CULTIVONS LES REUSSITES, France NOTE: No files or stolen information are by RedPacket Security....
[SILENT] – Ransomware Victim: Versa Networks
Ransomware Group: SILENT VICTIM NAME: Versa Networks NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Ubuntu Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in Ubuntu Linux Kernel. An attacker could exploit some of these vulnerabilities to trigger denial of...
CVE Alert: CVE-2025-3903
Vulnerability Summary: CVE-2025-3903 Vulnerability in Drupal UEditor - 百度编辑器.This issue affects UEditor - 百度编辑器: *.*. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2024-58251
Vulnerability Summary: CVE-2024-58251 In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv containing...
CVE Alert: CVE-2025-46398
Vulnerability Summary: CVE-2025-46398 Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via...
CVE Alert: CVE-2025-32818
Vulnerability Summary: CVE-2025-32818 A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker...
CVE Alert: CVE-2025-46397
Vulnerability Summary: CVE-2025-46397 Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via...
CVE Alert: CVE-2025-46400
Vulnerability Summary: CVE-2025-46400 Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via...
CVE Alert: CVE-2025-46399
Vulnerability Summary: CVE-2025-46399 Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via...
CVE Alert: CVE-2024-22351
Vulnerability Summary: CVE-2024-22351 IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user...
CVE Alert: CVE-2025-25045
Vulnerability Summary: CVE-2025-25045 IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a detailed technical error message...
CVE Alert: CVE-2025-25046
Vulnerability Summary: CVE-2025-25046 IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that...
CVE Alert: CVE-2025-46252
Vulnerability Summary: CVE-2025-46252 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kofimokome Message Filter...
CVE Alert: CVE-2025-46245
Vulnerability Summary: CVE-2025-46245 Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM Ad Changer allows Cross Site Request Forgery. This issue...
CVE Alert: CVE-2025-46242
Vulnerability Summary: CVE-2025-46242 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz...
CVE Alert: CVE-2025-46244
Vulnerability Summary: CVE-2025-46244 Missing Authorization vulnerability in Dotstore Advanced Linked Variations for Woocommerce allows Exploiting Incorrectly Configured Access Control Security...
