CVE Alert: CVE-2025-28924
Vulnerability Summary: CVE-2025-28924 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ZenphotoPress allows Reflected XSS....
CVE Alert: CVE-2025-28942
Vulnerability Summary: CVE-2025-28942 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Trust Payments Trust...
CVE Alert: CVE-2025-2819
Vulnerability Summary: CVE-2025-2819 There is a risk of unauthorized file uploads in GT-SoftControl and potential file overwrites due to insufficient...
CVE Alert: CVE-2025-2820
Vulnerability Summary: CVE-2025-2820 An authenticated attacker can compromise the availability of the device via the network Affected Endpoints: No affected...
CVE Alert: CVE-2025-27405
Vulnerability Summary: CVE-2025-27405 Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in...
CVE Alert: CVE-2025-27406
Vulnerability Summary: CVE-2025-27406 Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework...
CVE Alert: CVE-2025-30225
Vulnerability Summary: CVE-2025-30225 Directus is a real-time API and App dashboard for managing SQL database content. The `@directus/storage-driver-s3` package starting...
CVE Alert: CVE-2025-2825
Vulnerability Summary: CVE-2025-2825 CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability that may result...
CVE Alert: CVE-2025-2783
Vulnerability Summary: CVE-2025-2783 Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed...
Cobalt Strike Beacon Detected – 120[.]48[.]84[.]23:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 196[.]251[.]118[.]9:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 150[.]158[.]46[.]102:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-30164
Vulnerability Summary: CVE-2025-30164 Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in...
CVE Alert: CVE-2025-30351
Vulnerability Summary: CVE-2025-30351 Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.10.0...
CVE Alert: CVE-2025-2562
Vulnerability Summary: CVE-2025-2562 Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user...
CVE Alert: CVE-2025-30350
Vulnerability Summary: CVE-2025-30350 Directus is a real-time API and App dashboard for managing SQL database content. The `@directus/storage-driver-s3` package starting...
CVE Alert: CVE-2025-2499
Vulnerability Summary: CVE-2025-2499 Client side access control bypass in the permission component in Devolutions Remote Desktop Manager on Windows. An...
CVE Alert: CVE-2025-30353
Vulnerability Summary: CVE-2025-30353 Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.12.0...
CVE Alert: CVE-2025-31160
Vulnerability Summary: CVE-2025-31160 atop through 2.11.0 allows local users to cause a denial of service (e.g., assertion failure and application...
CVE Alert: CVE-2025-2528
Vulnerability Summary: CVE-2025-2528 Improper authorization in application password policy in Devolutions Remote Desktop Manager on Windows allows an authenticated user...
CVE Alert: CVE-2025-30352
Vulnerability Summary: CVE-2025-30352 Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0-alpha.4...
CVE Alert: CVE-2025-20229
Vulnerability Summary: CVE-2025-20229 In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108,...
CVE Alert: CVE-2025-2838
Vulnerability Summary: CVE-2025-2838 Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to...
CVE Alert: CVE-2025-20227
Vulnerability Summary: CVE-2025-20227 In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.107,...
