CVE Alert: CVE-2025-49832
Vulnerability Summary: CVE-2025-49832 Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including...
CVE Alert: CVE-2025-45778
Vulnerability Summary: CVE-2025-45778 A stored cross-site scripting (XSS) vulnerability in The Language Sloth Web Application v1.0 allows attackers to execute...
CVE Alert: CVE-2025-33118
Vulnerability Summary: CVE-2025-33118 IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability...
CVE Alert: CVE-2025-2824
Vulnerability Summary: CVE-2025-2824 IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, 9.0.0.1, and 9.5.0 could allow a remote attacker to conduct...
CVE Alert: CVE-2025-54595
Vulnerability Summary: CVE-2025-54595 Pearcleaner is a free, source-available and fair-code licensed mac app cleaner. The PearcleanerHelper is a privileged helper...
CVE Alert: CVE-2025-54593
Vulnerability Summary: CVE-2025-54593 FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can...
CVE Alert: CVE-2025-50869
Vulnerability Summary: CVE-2025-50869 A stored Cross-Site Scripting (XSS) vulnerability exists in the qureydetails.php page of Institute-of-Current-Students 1.0, where the input...
CVE Alert: CVE-2025-50870
Vulnerability Summary: CVE-2025-50870 Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the mydetailsstudent.php endpoint. The myds GET parameter accepts...
CVE Alert: CVE-2025-50868
Vulnerability Summary: CVE-2025-50868 A SQL Injection vulnerability exists in the takeassessment2.php file of CloudClassroom-PHP-Project 1.0. The Q4 POST parameter is...
[LYNX] – Ransomware Victim: www[.]pefco[.]com
Ransomware Group: LYNX VICTIM NAME: wwwpefcocom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RHYSIDA] – Ransomware Victim: Cookeville Regional Medical Center
Ransomware Group: RHYSIDA VICTIM NAME: Cookeville Regional Medical Center NOTE: No files or stolen information are by RedPacket Security. Any...
[MEDUSA] – Ransomware Victim: White Coffee Corporation
Ransomware Group: MEDUSA VICTIM NAME: White Coffee Corporation NOTE: No files or stolen information are by RedPacket Security. Any legal...
[MEDUSA] – Ransomware Victim: Franklin Pierce Schools
Ransomware Group: MEDUSA VICTIM NAME: Franklin Pierce Schools NOTE: No files or stolen information are by RedPacket Security. Any legal...
CVE Alert: CVE-2025-54564
Vulnerability Summary: CVE-2025-54564 uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows...
CVE Alert: CVE-2025-54574
Vulnerability Summary: CVE-2025-54574 Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to...
CVE Alert: CVE-2025-6014
Vulnerability Summary: CVE-2025-6014 Vault and Vault Enterprise’s (“Vault”) TOTP Secrets Engine code validation endpoint is susceptible to code reuse within...
CVE Alert: CVE-2025-6011
Vulnerability Summary: CVE-2025-6011 A timing side channel in Vault and Vault Enterprise’s (“Vault”) userpass auth method allowed an attacker to...
CVE Alert: CVE-2025-6004
Vulnerability Summary: CVE-2025-6004 Vault and Vault Enterprise’s (“Vault”) user lockout feature could be bypassed for Userpass and LDAP authentication methods....
CVE Alert: CVE-2025-6000
Vulnerability Summary: CVE-2025-6000 A privileged Vault operator within the root namespace with write permission to {{sys/audit}} may obtain code execution...
CVE Alert: CVE-2025-8475
Vulnerability Summary: CVE-2025-8475 Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
CVE Alert: CVE-2025-5999
Vulnerability Summary: CVE-2025-5999 A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own...
CVE Alert: CVE-2025-8474
Vulnerability Summary: CVE-2025-8474 Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows physically present attackers to execute...
CVE Alert: CVE-2025-8473
Vulnerability Summary: CVE-2025-8473 Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on...
CVE Alert: CVE-2025-8480
Vulnerability Summary: CVE-2025-8480 Alpine iLX-507 Command Injection Remote Code Execution. This vulnerability allows network-adjacent attackers to execute arbitrary code on...
