Vulnerabilities

CVE Alert: CVE-2025-5277

May 29, 2025

Vulnerability Summary: CVE-2025-5277 aws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that once accessed...

CVE Alert: CVE-2025-45997

May 29, 2025

Vulnerability Summary: CVE-2025-45997 Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability. An attacker can upload a...

CVE Alert: CVE-2025-4134

May 29, 2025

Vulnerability Summary: CVE-2025-4134 Lack of file validation in do_update_vps in Avast Business Antivirus for Linux 4.5 on Linux allows local...

CVE Alert: CVE-2025-32801

May 29, 2025

Vulnerability Summary: CVE-2025-32801 Kea configuration and API directives can be used to load a malicious hook library. Many common configurations...

CVE Alert: CVE-2024-51453

May 29, 2025

Vulnerability Summary: CVE-2024-51453 IBM Sterling Secure Proxy 6.2.0.0 through 6.2.0.1 could allow a remote attacker to traverse directories on the...

CVE Alert: CVE-2025-32802

May 29, 2025

Vulnerability Summary: CVE-2025-32802 Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to...

CVE Alert: CVE-2025-45343

May 29, 2025

Vulnerability Summary: CVE-2025-45343 An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing...

CVE Alert: CVE-2024-38341

May 29, 2025

Vulnerability Summary: CVE-2024-38341 IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6.2.0.1 uses weaker than...

CVE Alert: CVE-2025-48927

May 29, 2025

Vulnerability Summary: CVE-2025-48927 The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a...

CVE Alert: CVE-2025-48925

May 29, 2025

Vulnerability Summary: CVE-2025-48925 The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do...

CVE Alert: CVE-2024-47056

May 29, 2025

Vulnerability Summary: CVE-2024-47056 SummaryThis advisory addresses a security vulnerability in Mautic where sensitive .env configuration files may be directly accessible...

CVE Alert: CVE-2025-36572

May 29, 2025

Vulnerability Summary: CVE-2025-36572 Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in the PowerStore image file. A...

CVE Alert: CVE-2025-48926

May 29, 2025

Vulnerability Summary: CVE-2025-48926 The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords,...

CVE Alert: CVE-2025-5257

May 29, 2025

Vulnerability Summary: CVE-2025-5257 SummaryThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated...

CVE Alert: CVE-2025-48928

May 29, 2025

Vulnerability Summary: CVE-2025-48928 The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is...

CVE Alert: CVE-2025-48930

May 29, 2025

Vulnerability Summary: CVE-2025-48930 The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be...

CVE Alert: CVE-2025-48931

May 29, 2025

Vulnerability Summary: CVE-2025-48931 The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities...

CVE Alert: CVE-2025-48929

May 29, 2025

Vulnerability Summary: CVE-2025-48929 The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a...

CVE Alert: CVE-2024-47055

May 29, 2025

Vulnerability Summary: CVE-2024-47055 SummaryThis advisory addresses a security vulnerability in Mautic related to the segment cloning functionality. This vulnerability allows...

CVE Alert: CVE-2025-1461

May 29, 2025

Vulnerability Summary: CVE-2025-1461 Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component in Vuetify allows unsanitized...

CVE Alert: CVE-2025-31501

May 29, 2025

Vulnerability Summary: CVE-2025-31501 Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink....

CVE Alert: CVE-2024-47057

May 29, 2025

Vulnerability Summary: CVE-2024-47057 SummaryThis advisory addresses a security vulnerability in Mautic related to the "Forget your password" functionality. This vulnerability...

CVE Alert: CVE-2025-31500

May 29, 2025

Vulnerability Summary: CVE-2025-31500 Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name....

CVE Alert: CVE-2025-32803

May 29, 2025

Vulnerability Summary: CVE-2025-32803 In some cases, Kea log files or lease files may be world-readable. This issue affects Kea versions...

Vulnerabilities

CVE Alert: CVE-2025-5277

CVE Alert: CVE-2025-45997

CVE Alert: CVE-2025-4134

CVE Alert: CVE-2025-32801

CVE Alert: CVE-2024-51453

CVE Alert: CVE-2025-32802

CVE Alert: CVE-2025-45343

CVE Alert: CVE-2024-38341

CVE Alert: CVE-2025-48927

CVE Alert: CVE-2025-48925

CVE Alert: CVE-2024-47056

CVE Alert: CVE-2025-36572

CVE Alert: CVE-2025-48926

CVE Alert: CVE-2025-5257

CVE Alert: CVE-2025-48928

CVE Alert: CVE-2025-48930

CVE Alert: CVE-2025-48931

CVE Alert: CVE-2025-48929

CVE Alert: CVE-2024-47055

CVE Alert: CVE-2025-1461

CVE Alert: CVE-2025-31501

CVE Alert: CVE-2024-47057

CVE Alert: CVE-2025-31500

CVE Alert: CVE-2025-32803

[INCRANSOM] – Ransomware Victim: C B King Memorial School(branch)

Mastering Phishing Attacks: How to Recognize and Prevent These Cyber Threats

Catwatchful – 61,641 breached accounts

CVE Alert: CVE-2025-6437

CVE Alert: CVE-2025-6459

You may have missed