CyberAlerts
@cyberalerts.bsky.social
🚨 Automated posting of Known Exploited Vulnerabilities (KEV) from CyberAlerts.io
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: Command Injection Vulnerability
CVE-2025-8876
CRITICAL: Command Injection Vulnerability
CVE-2025-8876
Command Injection Vulnerability - CyberAlerts
View detailed information about CVE-2025-8876 on CyberAlerts
cyberalerts.io
August 14, 2025 at 3:40 PM
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: Command Injection Vulnerability
CVE-2025-8876
CRITICAL: Command Injection Vulnerability
CVE-2025-8876
🚨 New CISA Vulnerability Alert 🚨
: N-able N-Central Command Injection Vulnerability
CVE-2025-8876
: N-able N-Central Command Injection Vulnerability
CVE-2025-8876
N-able N-Central Command Injection Vulnerability - CyberAlerts
View detailed information about CVE-2025-8876 on CyberAlerts
cyberalerts.io
August 13, 2025 at 8:00 PM
🚨 New CISA Vulnerability Alert 🚨
: N-able N-Central Command Injection Vulnerability
CVE-2025-8876
: N-able N-Central Command Injection Vulnerability
CVE-2025-8876
🚨 New CISA Vulnerability Alert 🚨
HIGH: RARLAB WinRAR Path Traversal Vulnerability
CVE-2025-8088
HIGH: RARLAB WinRAR Path Traversal Vulnerability
CVE-2025-8088
RARLAB WinRAR Path Traversal Vulnerability - CyberAlerts
View detailed information about CVE-2025-8088 on CyberAlerts
cyberalerts.io
August 12, 2025 at 5:45 PM
🚨 New CISA Vulnerability Alert 🚨
HIGH: RARLAB WinRAR Path Traversal Vulnerability
CVE-2025-8088
HIGH: RARLAB WinRAR Path Traversal Vulnerability
CVE-2025-8088
🚨 New CISA Vulnerability Alert 🚨
HIGH: Path traversal vulnerability in WinRAR
CVE-2025-8088
HIGH: Path traversal vulnerability in WinRAR
CVE-2025-8088
Path traversal vulnerability in WinRAR - CyberAlerts
View detailed information about CVE-2025-8088 on CyberAlerts
cyberalerts.io
August 8, 2025 at 12:40 PM
🚨 New CISA Vulnerability Alert 🚨
HIGH: Path traversal vulnerability in WinRAR
CVE-2025-8088
HIGH: Path traversal vulnerability in WinRAR
CVE-2025-8088
🚨 New CISA Vulnerability Alert 🚨
HIGH: D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability
CVE-2020-25078
HIGH: D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability
CVE-2020-25078
D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability - CyberAlerts
View detailed information about CVE-2020-25078 on CyberAlerts
cyberalerts.io
August 5, 2025 at 6:15 PM
🚨 New CISA Vulnerability Alert 🚨
HIGH: D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability
CVE-2020-25078
HIGH: D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability
CVE-2020-25078
🚨 New CISA Vulnerability Alert 🚨
MEDIUM: The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged...
CVE-2024-39717
MEDIUM: The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged...
CVE-2024-39717
The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged... - CyberAlerts
View detailed information about CVE-2024-39717 on CyberAlerts
cyberalerts.io
July 31, 2025 at 12:40 AM
🚨 New CISA Vulnerability Alert 🚨
MEDIUM: The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged...
CVE-2024-39717
MEDIUM: The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged...
CVE-2024-39717
🚨 New CISA Vulnerability Alert 🚨
: Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code
CVE-2024-38856
: Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code
CVE-2024-38856
Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code - CyberAlerts
View detailed information about CVE-2024-38856 on CyberAlerts
cyberalerts.io
July 30, 2025 at 11:40 PM
🚨 New CISA Vulnerability Alert 🚨
: Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code
CVE-2024-38856
: Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code
CVE-2024-38856
🚨 New CISA Vulnerability Alert 🚨
: Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
CVE-2024-37383
: Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
CVE-2024-37383
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes. - CyberAlerts
View detailed information about CVE-2024-37383 on CyberAlerts
cyberalerts.io
July 30, 2025 at 10:40 PM
🚨 New CISA Vulnerability Alert 🚨
: Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
CVE-2024-37383
: Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
CVE-2024-37383
🚨 New CISA Vulnerability Alert 🚨
MEDIUM: VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full...
CVE-2024-37085
MEDIUM: VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full...
CVE-2024-37085
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full... - CyberAlerts
View detailed information about CVE-2024-37085 on CyberAlerts
cyberalerts.io
July 30, 2025 at 9:40 PM
🚨 New CISA Vulnerability Alert 🚨
MEDIUM: VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full...
CVE-2024-37085
MEDIUM: VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full...
CVE-2024-37085
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
CVE-2024-3400
CRITICAL: PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
CVE-2024-3400
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect - CyberAlerts
View detailed information about CVE-2024-3400 on CyberAlerts
cyberalerts.io
July 30, 2025 at 8:40 PM
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
CVE-2024-3400
CRITICAL: PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
CVE-2024-3400
🚨 New CISA Vulnerability Alert 🚨
: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...
CVE-2024-32896
: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...
CVE-2024-32896
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution... - CyberAlerts
View detailed information about CVE-2024-32896 on CyberAlerts
cyberalerts.io
July 30, 2025 at 7:40 PM
🚨 New CISA Vulnerability Alert 🚨
: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...
CVE-2024-32896
: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...
CVE-2024-32896
🚨 New CISA Vulnerability Alert 🚨
HIGH: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection
CVE-2024-3273
HIGH: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection
CVE-2024-3273
D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection - CyberAlerts
View detailed information about CVE-2024-3273 on CyberAlerts
cyberalerts.io
July 30, 2025 at 6:40 PM
🚨 New CISA Vulnerability Alert 🚨
HIGH: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection
CVE-2024-3273
HIGH: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection
CVE-2024-3273
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials
CVE-2024-3272
CRITICAL: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials
CVE-2024-3272
D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials - CyberAlerts
View detailed information about CVE-2024-3272 on CyberAlerts
cyberalerts.io
July 30, 2025 at 5:40 PM
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials
CVE-2024-3272
CRITICAL: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials
CVE-2024-3272
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same...
CVE-2024-29824
CRITICAL: An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same...
CVE-2024-29824
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same... - CyberAlerts
View detailed information about CVE-2024-29824 on CyberAlerts
cyberalerts.io
July 30, 2025 at 4:40 PM
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same...
CVE-2024-29824
CRITICAL: An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same...
CVE-2024-29824
🚨 New CISA Vulnerability Alert 🚨
: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...
CVE-2024-29748
: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...
CVE-2024-29748
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution... - CyberAlerts
View detailed information about CVE-2024-29748 on CyberAlerts
cyberalerts.io
July 30, 2025 at 3:40 PM
🚨 New CISA Vulnerability Alert 🚨
: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...
CVE-2024-29748
: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...
CVE-2024-29748
🚨 New CISA Vulnerability Alert 🚨
: there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution...
CVE-2024-29745
: there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution...
CVE-2024-29745
there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution... - CyberAlerts
View detailed information about CVE-2024-29745 on CyberAlerts
cyberalerts.io
July 30, 2025 at 2:40 PM
🚨 New CISA Vulnerability Alert 🚨
: there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution...
CVE-2024-29745
: there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution...
CVE-2024-29745
🚨 New CISA Vulnerability Alert 🚨
HIGH: SolarWinds Serv-U L Directory Transversal Vulnerability
CVE-2024-28995
HIGH: SolarWinds Serv-U L Directory Transversal Vulnerability
CVE-2024-28995
SolarWinds Serv-U L Directory Transversal Vulnerability - CyberAlerts
View detailed information about CVE-2024-28995 on CyberAlerts
cyberalerts.io
July 30, 2025 at 1:40 PM
🚨 New CISA Vulnerability Alert 🚨
HIGH: SolarWinds Serv-U L Directory Transversal Vulnerability
CVE-2024-28995
HIGH: SolarWinds Serv-U L Directory Transversal Vulnerability
CVE-2024-28995
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: SolarWinds Web Help Desk Hardcoded Credential Vulnerability
CVE-2024-28987
CRITICAL: SolarWinds Web Help Desk Hardcoded Credential Vulnerability
CVE-2024-28987
SolarWinds Web Help Desk Hardcoded Credential Vulnerability - CyberAlerts
View detailed information about CVE-2024-28987 on CyberAlerts
cyberalerts.io
July 30, 2025 at 12:40 PM
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: SolarWinds Web Help Desk Hardcoded Credential Vulnerability
CVE-2024-28987
CRITICAL: SolarWinds Web Help Desk Hardcoded Credential Vulnerability
CVE-2024-28987
🚨 New CISA Vulnerability Alert 🚨
HIGH: Information disclosure
CVE-2024-24919
HIGH: Information disclosure
CVE-2024-24919
Information disclosure - CyberAlerts
View detailed information about CVE-2024-24919 on CyberAlerts
cyberalerts.io
July 30, 2025 at 11:40 AM
🚨 New CISA Vulnerability Alert 🚨
HIGH: Information disclosure
CVE-2024-24919
HIGH: Information disclosure
CVE-2024-24919
🚨 New CISA Vulnerability Alert 🚨
: Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by...
CVE-2024-23897
: Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by...
CVE-2024-23897
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by... - CyberAlerts
View detailed information about CVE-2024-23897 on CyberAlerts
cyberalerts.io
July 30, 2025 at 10:40 AM
🚨 New CISA Vulnerability Alert 🚨
: Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by...
CVE-2024-23897
: Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by...
CVE-2024-23897
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,...
CVE-2024-23113
CRITICAL: A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,...
CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,... - CyberAlerts
View detailed information about CVE-2024-23113 on CyberAlerts
cyberalerts.io
July 30, 2025 at 9:40 AM
🚨 New CISA Vulnerability Alert 🚨
CRITICAL: A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,...
CVE-2024-23113
CRITICAL: A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,...
CVE-2024-23113
🚨 New CISA Vulnerability Alert 🚨
HIGH: A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and...
CVE-2024-21893
HIGH: A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and...
CVE-2024-21893
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and... - CyberAlerts
View detailed information about CVE-2024-21893 on CyberAlerts
cyberalerts.io
July 30, 2025 at 8:40 AM
🚨 New CISA Vulnerability Alert 🚨
HIGH: A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and...
CVE-2024-21893
HIGH: A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and...
CVE-2024-21893
🚨 New CISA Vulnerability Alert 🚨
HIGH: Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The...
CVE-2024-21287
HIGH: Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The...
CVE-2024-21287
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The... - CyberAlerts
View detailed information about CVE-2024-21287 on CyberAlerts
cyberalerts.io
July 30, 2025 at 7:40 AM
🚨 New CISA Vulnerability Alert 🚨
HIGH: Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The...
CVE-2024-21287
HIGH: Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The...
CVE-2024-21287
🚨 New CISA Vulnerability Alert 🚨
MEDIUM: A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...
CVE-2024-20481
MEDIUM: A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...
CVE-2024-20481
A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense... - CyberAlerts
View detailed information about CVE-2024-20481 on CyberAlerts
cyberalerts.io
July 30, 2025 at 6:40 AM
🚨 New CISA Vulnerability Alert 🚨
MEDIUM: A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...
CVE-2024-20481
MEDIUM: A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...
CVE-2024-20481
🚨 New CISA Vulnerability Alert 🚨
MEDIUM: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive...
CVE-2024-20359
MEDIUM: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive...
CVE-2024-20359
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive... - CyberAlerts
View detailed information about CVE-2024-20359 on CyberAlerts
cyberalerts.io
July 30, 2025 at 5:40 AM
🚨 New CISA Vulnerability Alert 🚨
MEDIUM: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive...
CVE-2024-20359
MEDIUM: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive...
CVE-2024-20359