CVE Alert: CVE-2024-7095
Vulnerability Summary: CVE-2024-7095 On affected platforms running Arista EOS with SNMP configured, if “snmp-server transmit max-size” is configured, under some...
threatintel
CVE Alert: CVE-2025-22596
Vulnerability Summary: CVE-2025-22596 WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in...
CVE Alert: CVE-2024-6437
Vulnerability Summary: CVE-2024-6437 On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic...
CVE Alert: CVE-2025-22597
Vulnerability Summary: CVE-2025-22597 WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in...
CVE Alert: CVE-2024-9131
Vulnerability Summary: CVE-2024-9131 A user with administrator privileges can perform command injection Affected Endpoints: No affected endpoints listed. Published Date:...
CVE Alert: CVE-2024-47517
Vulnerability Summary: CVE-2024-47517 Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM...
CVE Alert: CVE-2024-5872
Vulnerability Summary: CVE-2024-5872 On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied...
CVE Alert: CVE-2024-9132
Vulnerability Summary: CVE-2024-9132 The administrator is able to configure an insecure captive portal script Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2024-9133
Vulnerability Summary: CVE-2024-9133 A user with administrator privileges is able to retrieve authentication tokens Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2025-23112
Vulnerability Summary: CVE-2025-23112 An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability allows authenticated users to...
CVE Alert: CVE-2024-47520
Vulnerability Summary: CVE-2024-47520 A user with advanced report application access rights can perform actions for which they are not authorized...
CVE Alert: CVE-2024-47519
Vulnerability Summary: CVE-2024-47519 Backup uploads to ETM subject to man-in-the-middle interception Affected Endpoints: No affected endpoints listed. Published Date: 1/10/2025,...
CVE Alert: CVE-2024-7142
Vulnerability Summary: CVE-2024-7142 On Arista CloudVision Appliance (CVA) affected releases running on appliances that support hardware disk encryption (DCA-350E-CV only),...
CVE Alert: CVE-2024-47518
Vulnerability Summary: CVE-2024-47518 Specially constructed queries targeting ETM could discover active remote access sessions Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2024-9134
Vulnerability Summary: CVE-2024-9134 Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights...
CVE Alert: CVE-2024-9188
Vulnerability Summary: CVE-2024-9188 Specially constructed queries cause cross platform scripting leaking administrator tokens Affected Endpoints: No affected endpoints listed. Published...
CVE Alert: CVE-2025-23111
Vulnerability Summary: CVE-2025-23111 An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing...
CVE Alert: CVE-2025-23110
Vulnerability Summary: CVE-2025-23110 An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in the email-subject field...
CVE Alert: CVE-2025-23113
Vulnerability Summary: CVE-2025-23113 An issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the alert-title while...
[EVEREST] – Ransomware Victim: Protected: Title Hidden
Ransomware Group: EVEREST VICTIM NAME: Protected: Title Hidden NOTE: No files or stolen information are by RedPacket Security. Any legal...
Empire C2 Detected – 45[.]60[.]39[.]14:8880
The Information provided at the time of posting was detected as "Empire C2". Depending on when you are viewing this...
CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies Today, CISA—in partnership with...
CISA: Microsoft Releases December 2024 Security Updates
Microsoft Releases December 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat...
CISA: Ivanti Releases Security Updates for Multiple Products
Ivanti Releases Security Updates for Multiple Products Ivanti released security updates to address vulnerabilities in Ivanti Cloud Service Application, Ivanti...
