CVE Alert: CVE-2025-43903
Vulnerability Summary: CVE-2025-43903 NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature...
OSINT
CVE Alert: CVE-2025-39464
Vulnerability Summary: CVE-2025-39464 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtowebsites AdminQuickbar allows Reflected XSS....
CVE Alert: CVE-2025-39521
Vulnerability Summary: CVE-2025-39521 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani Contact Form vCard...
CVE Alert: CVE-2025-39519
Vulnerability Summary: CVE-2025-39519 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtpHarry Bulk Page Stub Creator...
CVE Alert: CVE-2025-39526
Vulnerability Summary: CVE-2025-39526 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark...
CVE Alert: CVE-2025-39562
Vulnerability Summary: CVE-2025-39562 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Payment Form for PayPal...
CVE Alert: CVE-2025-39550
Vulnerability Summary: CVE-2025-39550 Deserialization of Untrusted Data vulnerability in Shahjahan Jewel FluentCommunity allows Object Injection. This issue affects FluentCommunity: from...
CVE Alert: CVE-2025-39554
Vulnerability Summary: CVE-2025-39554 Missing Authorization vulnerability in Elliot Sowersby / RelyWP AI Text to Speech allows Exploiting Incorrectly Configured Access...
CVE Alert: CVE-2025-39559
Vulnerability Summary: CVE-2025-39559 Missing Authorization vulnerability in Eivin Landa Bring Fraktguiden for WooCommerce allows Exploiting Incorrectly Configured Access Control Security...
CVE Alert: CVE-2025-39551
Vulnerability Summary: CVE-2025-39551 Deserialization of Untrusted Data vulnerability in Mahmudul Hasan Arif FluentBoards allows Object Injection. This issue affects FluentBoards:...
CVE Alert: CVE-2025-39558
Vulnerability Summary: CVE-2025-39558 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks allows...
Cobalt Strike Beacon Detected – 120[.]27[.]235[.]78:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 120[.]27[.]235[.]78:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]92[.]204[.]3:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 118[.]195[.]243[.]223:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-39586
Vulnerability Summary: CVE-2025-39586 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows...
CVE Alert: CVE-2025-39535
Vulnerability Summary: CVE-2025-39535 Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos allows Authentication Abuse. This issue...
CVE Alert: CVE-2025-39542
Vulnerability Summary: CVE-2025-39542 Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat allows Privilege Escalation. This issue affects Xelion Webchat:...
CVE Alert: CVE-2025-39587
Vulnerability Summary: CVE-2025-39587 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix Cost Calculator...
CVE Alert: CVE-2025-39588
Vulnerability Summary: CVE-2025-39588 Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons allows Object Injection. This issue...
CVE Alert: CVE-2025-39583
Vulnerability Summary: CVE-2025-39583 Missing Authorization vulnerability in berthaai BERTHA AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-39567
Vulnerability Summary: CVE-2025-39567 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shamalli Web Directory Free allows...
CVE Alert: CVE-2025-39580
Vulnerability Summary: CVE-2025-39580 Missing Authorization vulnerability in jidaikobo Dashi allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects...
CVE Alert: CVE-2025-39568
Vulnerability Summary: CVE-2025-39568 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Arture B.V. StoreContrl Woocommerce...
