CVE Alert: CVE-2025-24909
Vulnerability Summary: CVE-2025-24909 Overview The software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output...
threatintel
CVE Alert: CVE-2025-24908
Vulnerability Summary: CVE-2025-24908 Overview The product uses external input to construct a pathname that should be within a restricted directory,...
CVE Alert: CVE-2025-24911
Vulnerability Summary: CVE-2025-24911 Overview XML documents optionally contain a Document Type Definition (DTD), which, among other features, enables the definition...
CVE Alert: CVE-2025-24907
Vulnerability Summary: CVE-2025-24907 Overview The product uses external input to construct a pathname that should be within a restricted directory,...
[SAFEPAY] – Ransomware Victim: extremefire[.]com[.]au
Ransomware Group: SAFEPAY VICTIM NAME: extremefirecomau NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SAFEPAY] – Ransomware Victim: getriebetech[.]de
Ransomware Group: SAFEPAY VICTIM NAME: getriebetechde NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SAFEPAY] – Ransomware Victim: eichele-bau[.]de
Ransomware Group: SAFEPAY VICTIM NAME: eichele-baude NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SAFEPAY] – Ransomware Victim: frapack[.]de
Ransomware Group: SAFEPAY VICTIM NAME: frapackde NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SAFEPAY] – Ransomware Victim: foerster-schwanau[.]de
Ransomware Group: SAFEPAY VICTIM NAME: foerster-schwanaude NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SAFEPAY] – Ransomware Victim: hurst-schroeder[.]de
Ransomware Group: SAFEPAY VICTIM NAME: hurst-schroederde NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SAFEPAY] – Ransomware Victim: heilbronn[.]de
Ransomware Group: SAFEPAY VICTIM NAME: heilbronnde NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SAFEPAY] – Ransomware Victim: itec-gmbh[.]com
Ransomware Group: SAFEPAY VICTIM NAME: itec-gmbhcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SAFEPAY] – Ransomware Victim: helixtools[.]co[.]uk
Ransomware Group: SAFEPAY VICTIM NAME: helixtoolscouk NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SAFEPAY] – Ransomware Victim: heinrich-steinhardt[.]de
Ransomware Group: SAFEPAY VICTIM NAME: heinrich-steinhardtde NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-26730
Vulnerability Summary: CVE-2025-26730 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NotFound Macro Calculator with Admin...
CVE Alert: CVE-2025-22263
Vulnerability Summary: CVE-2025-22263 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Global Gallery allows Reflected...
CVE Alert: CVE-2025-26740
Vulnerability Summary: CVE-2025-26740 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in burgersoftware SpaBiz allows DOM-Based XSS....
CVE Alert: CVE-2025-22268
Vulnerability Summary: CVE-2025-22268 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for...
CVE Alert: CVE-2025-26746
Vulnerability Summary: CVE-2025-26746 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Advanced Custom Fields: Link...
CVE Alert: CVE-2025-26903
Vulnerability Summary: CVE-2025-26903 Cross-Site Request Forgery (CSRF) vulnerability in RealMag777 InPost Gallery allows Cross Site Request Forgery. This issue affects...
CVE Alert: CVE-2025-24315
Vulnerability Summary: CVE-2025-24315 Unauthenticated attackers can add devices of other users to their scenes (or arbitrary scenes of other arbitrary...
CVE Alert: CVE-2025-26906
Vulnerability Summary: CVE-2025-26906 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ren Ventura WP Delete User...
CVE Alert: CVE-2025-25276
Vulnerability Summary: CVE-2025-25276 An unauthenticated attacker can hijack other users' devices and potentially control them. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-24850
Vulnerability Summary: CVE-2025-24850 An attacker can export other users' plant information. Affected Endpoints: No affected endpoints listed. Published Date: 4/15/2025,...
