CVE Alert: CVE-2025-25507
Vulnerability Summary: CVE-2025-25507 There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the parameter cmdinput will...
threatintel
CVE Alert: CVE-2025-1403
Vulnerability Summary: CVE-2025-1403 Qiskit SDK 0.45.0 through 1.2.4 could allow a remote attacker to cause a denial of service using...
CVE Alert: CVE-2025-1546
Vulnerability Summary: CVE-2025-1546 A vulnerability has been found in BDCOM Behavior Management and Auditing System up to 20250210 and classified...
CVE Alert: CVE-2025-25510
Vulnerability Summary: CVE-2025-25510 Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the get_parentControl_list_Info function. Affected Endpoints: No affected endpoints...
[INCRANSOM] – Ransomware Victim: evergreenpnw[.]com
Ransomware Group: INCRANSOM VICTIM NAME: evergreenpnwcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-25605
Vulnerability Summary: CVE-2025-25605 Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua. Affected Endpoints: No...
CVE Alert: CVE-2025-25772
Vulnerability Summary: CVE-2025-25772 A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to...
CVE Alert: CVE-2025-25877
Vulnerability Summary: CVE-2025-25877 A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of...
CVE Alert: CVE-2020-19248
Vulnerability Summary: CVE-2020-19248 SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's...
CVE Alert: CVE-2025-25878
Vulnerability Summary: CVE-2025-25878 A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of...
CVE Alert: CVE-2025-27109
Vulnerability Summary: CVE-2025-27109 solid-js is a declarative, efficient, and flexible JavaScript library for building user interfaces. In affected versions Inserts/JSX...
CVE Alert: CVE-2025-25604
Vulnerability Summary: CVE-2025-25604 Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua. Affected Endpoints: No...
CVE Alert: CVE-2025-27108
Vulnerability Summary: CVE-2025-27108 dom-expressions is a Fine-Grained Runtime for Performant DOM Rendering. In affected versions the use of javascript's `.replace()`...
CVE Alert: CVE-2025-1555
Vulnerability Summary: CVE-2025-1555 A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. This vulnerability affects...
CVE Alert: CVE-2025-25282
Vulnerability Summary: CVE-2025-25282 RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine based on deep document understanding. An authenticated user can...
CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices
CISA and FBI Release Updated Guidance on Product Security Bad Practices In partnership with the Federal Bureau of Investigation (FBI),...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 21, 2025. These...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on January 23, 2025. These...
CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications CISA, in partnership with...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware
CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware CISA released a fact sheet, Contec CMS8000 Contains...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
