CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-24923 |
Description: A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000), Simcenter Femap (All versions < V2306.0001). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22055)
CVSS: HIGH (7.8) EPSS Score: 0.07% SSVC Exploitation: none
May 9th, 2025 (about 1 month ago)
|
|
CVE-2024-23813 |
Description: A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The REST API endpoints of doorsconnector of the affected product lacks proper authentication. An unauthenticated attacker could access the endpoints, and potentially execute code.
CVSS: HIGH (7.3) EPSS Score: 0.11% SSVC Exploitation: none
May 9th, 2025 (about 1 month ago)
|
|
CVE-2024-23810 |
Description: A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.
CVSS: HIGH (8.8) EPSS Score: 0.56% SSVC Exploitation: none
May 9th, 2025 (about 1 month ago)
|
|
CVE-2024-23803 |
Description: A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.07% SSVC Exploitation: none
May 9th, 2025 (about 1 month ago)
|
|
CVE-2024-23802 |
Description: A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.07% SSVC Exploitation: none
May 9th, 2025 (about 1 month ago)
|
|
CVE-2024-23795 |
Description: A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.05% SSVC Exploitation: none
May 9th, 2025 (about 1 month ago)
|
|
CVE-2024-22454 |
Description:
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change
CVSS: HIGH (8.8) EPSS Score: 0.81% SSVC Exploitation: none
May 9th, 2025 (about 1 month ago)
|
|
CVE-2024-22130 |
Description: Print preview option in SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, S4FND 108, WEBCUIF 700, WEBCUIF 701, WEBCUIF 730, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. An attacker with low privileges can cause limited impact to confidentiality and integrity of the appliaction data after successful exploitation.
CVSS: HIGH (7.6) EPSS Score: 0.28% SSVC Exploitation: none
May 9th, 2025 (about 1 month ago)
|
|
CVE-2024-22024 |
Description: An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
CVSS: HIGH (8.3) EPSS Score: 94.32% SSVC Exploitation: poc
May 9th, 2025 (about 1 month ago)
|
|
CVE-2024-1163 |
Description: The attacker may exploit a path traversal vulnerability leading to information disclosure.
CVSS: HIGH (7.1) EPSS Score: 0.07% SSVC Exploitation: poc
May 9th, 2025 (about 1 month ago)
|