threatintel

CVE Alert: CVE-2025-0628

March 21, 2025

Vulnerability Summary: CVE-2025-0628 An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role...

CVE Alert: CVE-2025-1040

March 21, 2025

Vulnerability Summary: CVE-2025-1040 AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that could lead to...

CVE Alert: CVE-2025-0508

March 21, 2025

Vulnerability Summary: CVE-2025-0508 A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions...

CVE Alert: CVE-2025-0655

March 21, 2025

Vulnerability Summary: CVE-2025-0655 A vulnerability in man-group/dtale versions 3.15.1 allows an attacker to override global state settings to enable the...

CVE Alert: CVE-2025-0453

March 21, 2025

Vulnerability Summary: CVE-2025-0453 In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. An attacker...

CVE Alert: CVE-2025-1474

March 21, 2025

Vulnerability Summary: CVE-2025-1474 In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a...

CVE Alert: CVE-2025-1796

March 21, 2025

Vulnerability Summary: CVE-2025-1796 A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by...

CVE Alert: CVE-2024-13922

March 21, 2025

Vulnerability Summary: CVE-2024-13922 The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion...

CVE Alert: CVE-2024-13923

March 21, 2025

Vulnerability Summary: CVE-2024-13923 The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery...

CVE Alert: CVE-2025-2311

March 21, 2025

Vulnerability Summary: CVE-2025-2311 Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Nebula Informatics...

CVE Alert: CVE-2024-13558

March 21, 2025

Vulnerability Summary: CVE-2024-13558 The NP Quote Request for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in...

CVE Alert: CVE-2024-13920

March 21, 2025

Vulnerability Summary: CVE-2024-13920 The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in...

CVE Alert: CVE-2025-2539

March 21, 2025

Vulnerability Summary: CVE-2025-2539 The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing...

CVE Alert: CVE-2024-13921

March 21, 2025

Vulnerability Summary: CVE-2024-13921 The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection...

CVE Alert: CVE-2025-1496

March 21, 2025

Vulnerability Summary: CVE-2025-1496 Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse.This...

CVE Alert: CVE-2025-0254

March 21, 2025

Vulnerability Summary: CVE-2025-0254 HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to...

CVE Alert: CVE-2025-2548

March 21, 2025

Vulnerability Summary: CVE-2025-2548 A vulnerability, which was classified as problematic, was found in D-Link DIR-618 and DIR-605L 2.02/3.02. Affected is...

CVE Alert: CVE-2025-2546

March 21, 2025

Vulnerability Summary: CVE-2025-2546 A vulnerability classified as problematic was found in D-Link DIR-618 and DIR-605L 2.02/3.02. This vulnerability affects unknown...

CVE Alert: CVE-2025-1802

March 21, 2025

Vulnerability Summary: CVE-2025-1802 The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...