CVE Alert: CVE-2024-12847
Vulnerability Summary: CVE-2024-12847 NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can...
Month: January 2025
CVE Alert: CVE-2025-22597
Vulnerability Summary: CVE-2025-22597 WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in...
CVE Alert: CVE-2024-6437
Vulnerability Summary: CVE-2024-6437 On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic...
CVE Alert: CVE-2025-22596
Vulnerability Summary: CVE-2025-22596 WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in...
CVE Alert: CVE-2024-7095
Vulnerability Summary: CVE-2024-7095 On affected platforms running Arista EOS with SNMP configured, if “snmp-server transmit max-size” is configured, under some...
CVE Alert: CVE-2024-47517
Vulnerability Summary: CVE-2024-47517 Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM...
CVE Alert: CVE-2024-9131
Vulnerability Summary: CVE-2024-9131 A user with administrator privileges can perform command injection Affected Endpoints: No affected endpoints listed. Published Date:...
CVE Alert: CVE-2024-9132
Vulnerability Summary: CVE-2024-9132 The administrator is able to configure an insecure captive portal script Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2024-5872
Vulnerability Summary: CVE-2024-5872 On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied...
CVE Alert: CVE-2024-9133
Vulnerability Summary: CVE-2024-9133 A user with administrator privileges is able to retrieve authentication tokens Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2024-7142
Vulnerability Summary: CVE-2024-7142 On Arista CloudVision Appliance (CVA) affected releases running on appliances that support hardware disk encryption (DCA-350E-CV only),...
CVE Alert: CVE-2024-47519
Vulnerability Summary: CVE-2024-47519 Backup uploads to ETM subject to man-in-the-middle interception Affected Endpoints: No affected endpoints listed. Published Date: 1/10/2025,...
CVE Alert: CVE-2024-47520
Vulnerability Summary: CVE-2024-47520 A user with advanced report application access rights can perform actions for which they are not authorized...
CVE Alert: CVE-2025-23112
Vulnerability Summary: CVE-2025-23112 An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability allows authenticated users to...
CVE Alert: CVE-2024-47518
Vulnerability Summary: CVE-2024-47518 Specially constructed queries targeting ETM could discover active remote access sessions Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2025-23110
Vulnerability Summary: CVE-2025-23110 An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in the email-subject field...
CVE Alert: CVE-2025-23111
Vulnerability Summary: CVE-2025-23111 An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing...
CVE Alert: CVE-2024-9188
Vulnerability Summary: CVE-2024-9188 Specially constructed queries cause cross platform scripting leaking administrator tokens Affected Endpoints: No affected endpoints listed. Published...
CVE Alert: CVE-2024-9134
Vulnerability Summary: CVE-2024-9134 Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights...
CVE Alert: CVE-2025-23113
Vulnerability Summary: CVE-2025-23113 An issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the alert-title while...
Fake PoC Exploit: A New Threat for Security Researchers from Infostealer
Security researchers face an evolving landscape of cyber threats, and a recent fake proof-of-concept (PoC) exploit highlights a critical risk:...
Historic Cyber-Attack on Slovakia’s Land Registry Causes Major Disruption
Slovakia experienced a significant cyber-attack on its land registry system, affecting property management and services nationwide. A large-scale cyber-attack originating...
Medusind Data Breach Exposes Sensitive Patient Information to Cybercriminals
The Medusind data breach has exposed sensitive patient data, impacting over 360,000 individuals. Learn more about this alarming incident. US...
Fake CrowdStrike Job Offers: A New Tactic for Distributing Cryptominers
Cybercriminals are increasingly targeting job seekers in a phishing scheme disguised as legitimate CrowdStrike recruitment offers. This deceptive tactic aims...
