Vulnerabilities

CVE Alert: CVE-2025-1926

March 11, 2025

Vulnerability Summary: CVE-2025-1926 The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Cross-Site...

CVE Alert: CVE-2024-43107

March 11, 2025

Vulnerability Summary: CVE-2024-43107 Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP) permits unauthenticated messages (e.g. alarm events)...

CVE Alert: CVE-2024-41724

March 11, 2025

Vulnerability Summary: CVE-2024-41724 Improper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the...

CVE Alert: CVE-2025-2133

March 11, 2025

Vulnerability Summary: CVE-2025-2133 A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown...

CVE Alert: CVE-2025-27256

March 11, 2025

Vulnerability Summary: CVE-2025-27256 Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due...

CVE Alert: CVE-2025-27255

March 11, 2025

Vulnerability Summary: CVE-2025-27255 Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user...

CVE Alert: CVE-2025-2150

March 11, 2025

Vulnerability Summary: CVE-2025-2150 The C&Cm@il from HGiga has a Stored Cross-Site Scripting (XSS) vulnerability, allowing remote attackers with regular privileges...

CVE Alert: CVE-2025-27257

March 11, 2025

Vulnerability Summary: CVE-2025-27257 Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices allows an authenticated user...

CVE Alert: CVE-2025-27253

March 11, 2025

Vulnerability Summary: CVE-2025-27253 An improper input validation in GE Vernova UR IED family devices from version 7.0 up to 8.60...

CVE Alert: CVE-2025-24387

March 11, 2025

Vulnerability Summary: CVE-2025-24387 A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings...

CVE Alert: CVE-2025-27254

March 11, 2025

Vulnerability Summary: CVE-2025-27254 Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication Bypass. The software's startup authentication can...

CVE Alert: CVE-2024-13918

March 11, 2025

Vulnerability Summary: CVE-2024-13918 The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an...

CVE Alert: CVE-2024-13919

March 11, 2025

Vulnerability Summary: CVE-2024-13919 The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an...

CVE Alert: CVE-2025-2147

March 11, 2025

Vulnerability Summary: CVE-2025-2147 A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0....

CVE Alert: CVE-2025-2153

March 11, 2025

Vulnerability Summary: CVE-2025-2153 A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete...

CVE Alert: CVE-2025-2148

March 11, 2025

Vulnerability Summary: CVE-2025-2148 A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability...

CVE Alert: CVE-2025-2151

March 11, 2025

Vulnerability Summary: CVE-2025-2151 A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects...

CVE Alert: CVE-2025-2149

March 11, 2025

Vulnerability Summary: CVE-2025-2149 A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue...

CVE Alert: CVE-2025-2152

March 11, 2025

Vulnerability Summary: CVE-2025-2152 A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3....

CVE Alert: CVE-2025-25620

March 11, 2025

Vulnerability Summary: CVE-2025-25620 Unifiedtransform 2.0 is vulnerable to Cross Site Scripting (XSS) in the Create assignment function. Affected Endpoints: No...

CVE Alert: CVE-2025-26916

March 11, 2025

Vulnerability Summary: CVE-2025-26916 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in EPC...

CVE Alert: CVE-2025-26910

March 11, 2025

Vulnerability Summary: CVE-2025-26910 Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit allows Stored XSS. This issue affects WPBookit: from...

CVE Alert: CVE-2025-26933

March 11, 2025

Vulnerability Summary: CVE-2025-26933 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nitin...

CVE Alert: CVE-2024-12604

March 11, 2025

Vulnerability Summary: CVE-2024-12604 Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability...

Vulnerabilities

CVE Alert: CVE-2025-1926

CVE Alert: CVE-2024-43107

CVE Alert: CVE-2024-41724

CVE Alert: CVE-2025-2133

CVE Alert: CVE-2025-27256

CVE Alert: CVE-2025-27255

CVE Alert: CVE-2025-2150

CVE Alert: CVE-2025-27257

CVE Alert: CVE-2025-27253

CVE Alert: CVE-2025-24387

CVE Alert: CVE-2025-27254

CVE Alert: CVE-2024-13918

CVE Alert: CVE-2024-13919

CVE Alert: CVE-2025-2147

CVE Alert: CVE-2025-2153

CVE Alert: CVE-2025-2148

CVE Alert: CVE-2025-2151

CVE Alert: CVE-2025-2149

CVE Alert: CVE-2025-2152

CVE Alert: CVE-2025-25620

CVE Alert: CVE-2025-26916

CVE Alert: CVE-2025-26910

CVE Alert: CVE-2025-26933

CVE Alert: CVE-2024-12604

BugCrowd Bug Bounty Disclosure: P3 – Publicly Editable Google Docs Linked from NASA SnowEx PPT –

BugCrowd Bug Bounty Disclosure: P3 – Details of the collaboration between NASA and Inmarsat Government and the type of contract –

Apple Products Multiple Vulnerabilities

Miljödata – 870,108 breached accounts

Cobalt Strike Beacon Detected – 119[.]91[.]203[.]199:88

You may have missed