Search Results | AttackerKB

Show filters

Topics 3,707 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

3,707 Total Results

Displaying 91-100 of 3,707

Attacker Value

Unknown

CVE-2025-23114

Disclosure Date: February 05, 2025 (last updated February 05, 2025)

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate.

0

Attacker Value

Unknown

CVE-2025-23819

Disclosure Date: February 03, 2025 (last updated February 04, 2025)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound WP Cloud allows Absolute Path Traversal. This issue affects WP Cloud: from n/a through 1.4.3.

0

Attacker Value

Unknown

CVE-2025-24831

Disclosure Date: January 31, 2025 (last updated February 01, 2025)

Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

0

Attacker Value

Unknown

CVE-2025-24830

Disclosure Date: January 31, 2025 (last updated February 01, 2025)

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

0

Attacker Value

Unknown

CVE-2025-24829

Disclosure Date: January 31, 2025 (last updated February 01, 2025)

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

0

Attacker Value

Unknown

CVE-2025-24828

Disclosure Date: January 31, 2025 (last updated February 01, 2025)

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

0

Attacker Value

Unknown

CVE-2025-24827

Disclosure Date: January 31, 2025 (last updated February 01, 2025)

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

0

Attacker Value

Unknown

CVE-2025-22332

Disclosure Date: January 31, 2025 (last updated January 31, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bryan Shanaver @ fiftyandfifty.org CloudFlare(R) Cache Purge allows Reflected XSS. This issue affects CloudFlare(R) Cache Purge: from n/a through 1.2.

0

Attacker Value

Unknown

CVE-2025-22216

Disclosure Date: January 31, 2025 (last updated January 31, 2025)

A UAA configured with multiple identity zones, does not properly validate session information across those zones. A User authenticated against a corporate IDP can re-use their jsessionid to access other zones.

0

Attacker Value

Unknown

CVE-2025-0659

Disclosure Date: January 28, 2025 (last updated January 29, 2025)

A path traversal vulnerability exists in the Rockwell Automation DataEdge Platform DataMosaix Private Cloud. By specifying the character sequence in the body of the vulnerable endpoint, it is possible to overwrite files outside of the intended directory. A threat actor with admin privileges could leverage this vulnerability to overwrite reports including user projects.

0