CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-4080
Memory Corruption Due to Improper Length Checks in LabVIEW tdcore.dll
Description: A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

CVSS: HIGH (7.8)

EPSS Score: 0.01%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-4079
Out of Bounds Read Due to Missing Bounds Check in LabVIEW
Description: An out of bounds read due to a missing bounds check in LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.

CVSS: HIGH (7.8)

EPSS Score: 0.01%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-39888
A vulnerability has been identified in Mendix Encryption (All versions >= V10.0.0 < V10.0.2). Affected versions of the module define a specific...
Description: A vulnerability has been identified in Mendix Encryption (All versions >= V10.0.0 < V10.0.2). Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an attacker to decrypt any encrypted project data, as the default encryption key can be considered compromised.

CVSS: HIGH (7.5)

EPSS Score: 0.09%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-39883
Heap-based Buffer Overflow in Delta Electronics CNCSoft-G2
Description: Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.

CVSS: HIGH (8.8)

EPSS Score: 0.15%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-39882
Out-of-bounds Read in Delta Electronics CNCSoft-G2
Description: Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.

CVSS: HIGH (8.8)

EPSS Score: 0.15%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-39881
Out-of-bounds Write in Delta Electronics CNCSoft-G2
Description: Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.

CVSS: HIGH (8.8)

EPSS Score: 0.15%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-39880
Stack-based Buffer Overflow in Delta Electronics CNCSoft-G2
Description: Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.

CVSS: HIGH (7.8)

EPSS Score: 0.15%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-39874
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement...
Description: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its Client Communication component. This could allow an attacker to learn user credentials that are vulnerable to brute force attacks.

CVSS: HIGH (7.5)

EPSS Score: 0.15%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-39873
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement...
Description: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its web API. This could allow an attacker to learn user credentials that are vulnerable to brute force attacks.

CVSS: HIGH (7.5)

EPSS Score: 0.15%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)

CVE-2024-39868
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the...
Description: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit VxLAN configuration information of networks for which they have no privileges.

CVSS: HIGH (7.6)

EPSS Score: 0.4%

SSVC Exploitation: none

Source: CVE
May 1st, 2025 (about 2 months ago)