CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-4885 |
π¨ Marked as known exploited on March 3rd, 2025 (5 months ago).
Description: In WhatsUp Gold versions released before 2023.1.3,Β an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold.Β Β The
WhatsUp.ExportUtilities.Export.GetFileWithoutZip
allows execution of commands with iisapppool\nmconsole privileges.
CVSS: CRITICAL (9.8) EPSS Score: 93.68% SSVC Exploitation: active
March 3rd, 2025 (5 months ago)
|
|
CVE-2024-57968 |
π¨ Marked as known exploited on March 10th, 2025 (4 months ago).
Description: Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users). upload.aspx can be used for this.
CVSS: CRITICAL (9.9) EPSS Score: 0.05%
February 4th, 2025 (5 months ago)
|
|
CVE-2024-50603 |
π¨ Marked as known exploited on January 13th, 2025 (6 months ago).
Description: An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloud_type for list_flightpath_destination_instances, or src_cloud_type for flightpath_connection_test.
CVSS: CRITICAL (10.0) EPSS Score: 92.43%
January 28th, 2025 (6 months ago)
|
|
CVE-2025-23006 |
π¨ Marked as known exploited on January 24th, 2025 (6 months ago).
Description: Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.
CVSS: CRITICAL (9.8) EPSS Score: 1.37%
January 25th, 2025 (6 months ago)
|
|
CVE-2024-13161 |
π¨ Marked as known exploited on March 10th, 2025 (4 months ago).
Description: Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
January 25th, 2025 (6 months ago)
|
|
CVE-2024-13160 |
π¨ Marked as known exploited on March 10th, 2025 (4 months ago).
Description: Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
January 25th, 2025 (6 months ago)
|
|
CVE-2024-13159 |
π¨ Marked as known exploited on March 10th, 2025 (4 months ago).
Description: Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
January 25th, 2025 (6 months ago)
|
|
CVE-2024-53704 |
π¨ Marked as known exploited on February 18th, 2025 (5 months ago).
Description: An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
January 10th, 2025 (6 months ago)
|
|
CVE-2025-0282 |
π¨ Marked as known exploited on January 8th, 2025 (6 months ago).
Description: A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.
CVSS: CRITICAL (9.0) EPSS Score: 15.33%
January 9th, 2025 (6 months ago)
|
|
CVE-2024-21413 |
π¨ Marked as known exploited on February 6th, 2025 (5 months ago).
Description: Microsoft Outlook Remote Code Execution Vulnerability
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
January 1st, 2025 (7 months ago)
|