Author | Lightnews

CyberAlerts

CyberAlerts

@cyberalerts.bsky.social

48 followers 14 following 430 posts

🚨 Automated posting of Known Exploited Vulnerabilities (KEV) from CyberAlerts.io

Posts Media Videos Starter Packs

CyberAlerts @cyberalerts.bsky.social · Aug 14

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: Command Injection Vulnerability

CVE-2025-8876

Command Injection Vulnerability - CyberAlerts

View detailed information about CVE-2025-8876 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Aug 13

🚨 New CISA Vulnerability Alert 🚨

: N-able N-Central Command Injection Vulnerability

CVE-2025-8876

N-able N-Central Command Injection Vulnerability - CyberAlerts

View detailed information about CVE-2025-8876 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Aug 12

🚨 New CISA Vulnerability Alert 🚨

HIGH: RARLAB WinRAR Path Traversal Vulnerability

CVE-2025-8088

RARLAB WinRAR Path Traversal Vulnerability - CyberAlerts

View detailed information about CVE-2025-8088 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Aug 8

🚨 New CISA Vulnerability Alert 🚨

HIGH: Path traversal vulnerability in WinRAR

CVE-2025-8088

Path traversal vulnerability in WinRAR - CyberAlerts

View detailed information about CVE-2025-8088 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Aug 5

🚨 New CISA Vulnerability Alert 🚨

HIGH: D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability

CVE-2020-25078

D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability - CyberAlerts

View detailed information about CVE-2020-25078 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 31

🚨 New CISA Vulnerability Alert 🚨

MEDIUM: The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged...

CVE-2024-39717

The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged... - CyberAlerts

View detailed information about CVE-2024-39717 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

: Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code

CVE-2024-38856

Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code - CyberAlerts

View detailed information about CVE-2024-38856 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

: Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.

CVE-2024-37383

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes. - CyberAlerts

View detailed information about CVE-2024-37383 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

MEDIUM: VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full...

CVE-2024-37085

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full... - CyberAlerts

View detailed information about CVE-2024-37085 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

CVE-2024-3400

PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect - CyberAlerts

View detailed information about CVE-2024-3400 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...

CVE-2024-32896

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution... - CyberAlerts

View detailed information about CVE-2024-32896 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

HIGH: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection

CVE-2024-3273

D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection - CyberAlerts

View detailed information about CVE-2024-3273 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials

CVE-2024-3272

D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials - CyberAlerts

View detailed information about CVE-2024-3272 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same...

CVE-2024-29824

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same... - CyberAlerts

View detailed information about CVE-2024-29824 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

: there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution...

CVE-2024-29748

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution... - CyberAlerts

View detailed information about CVE-2024-29748 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

: there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution...

CVE-2024-29745

there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution... - CyberAlerts

View detailed information about CVE-2024-29745 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

HIGH: SolarWinds Serv-U L Directory Transversal Vulnerability

CVE-2024-28995

SolarWinds Serv-U L Directory Transversal Vulnerability - CyberAlerts

View detailed information about CVE-2024-28995 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: SolarWinds Web Help Desk Hardcoded Credential Vulnerability

CVE-2024-28987

SolarWinds Web Help Desk Hardcoded Credential Vulnerability - CyberAlerts

View detailed information about CVE-2024-28987 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

HIGH: Information disclosure

CVE-2024-24919

Information disclosure - CyberAlerts

View detailed information about CVE-2024-24919 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

: Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by...

CVE-2024-23897

Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by... - CyberAlerts

View detailed information about CVE-2024-23897 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

CRITICAL: A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,...

CVE-2024-23113

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,... - CyberAlerts

View detailed information about CVE-2024-23113 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

HIGH: A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and...

CVE-2024-21893

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and... - CyberAlerts

View detailed information about CVE-2024-21893 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

HIGH: Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The...

CVE-2024-21287

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The... - CyberAlerts

View detailed information about CVE-2024-21287 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

MEDIUM: A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...

CVE-2024-20481

A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense... - CyberAlerts

View detailed information about CVE-2024-20481 on CyberAlerts

CyberAlerts @cyberalerts.bsky.social · Jul 30

🚨 New CISA Vulnerability Alert 🚨

MEDIUM: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive...

CVE-2024-20359

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive... - CyberAlerts

View detailed information about CVE-2024-20359 on CyberAlerts