CVE-2024-49564 |
Description: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges.
CVSS: HIGH (7.8) EPSS Score: 0.06%
March 28th, 2025 (3 months ago)
|
CVE-2024-49563 |
Description: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges.
CVSS: HIGH (7.8) EPSS Score: 0.06%
March 28th, 2025 (3 months ago)
|
CVE-2024-13939 |
Description: String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string.
As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string may be leaked (but not its contents)."
This is similar to CVE-2020-36829.
CVSS: HIGH (7.5) EPSS Score: 0.04%
March 28th, 2025 (3 months ago)
|
CVE-2025-30232 |
Description: A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.
CVSS: HIGH (8.1) EPSS Score: 0.03%
March 28th, 2025 (3 months ago)
|
CVE-2025-26733 |
Description: Missing Authorization vulnerability in Shinetheme Traveler. This issue affects Traveler: from n/a through 3.1.8.
CVSS: HIGH (8.2) EPSS Score: 0.05%
March 27th, 2025 (3 months ago)
|
CVE-2025-26956 |
Description: Missing Authorization vulnerability in Shinetheme Traveler. This issue affects Traveler: from n/a through 3.1.8.
CVSS: HIGH (7.6) EPSS Score: 0.04%
March 27th, 2025 (3 months ago)
|
CVE-2025-26890 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PluginUs.Net HUSKY allows PHP Local File Inclusion. This issue affects HUSKY: from n/a through 1.3.6.4.
CVSS: HIGH (7.5) EPSS Score: 0.13%
March 27th, 2025 (3 months ago)
|
CVE-2025-26874 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MemberSpace allows Reflected XSS. This issue affects MemberSpace: from n/a through 2.1.13.
CVSS: HIGH (7.1) EPSS Score: 0.03%
March 27th, 2025 (3 months ago)
|
CVE-2024-21073 |
Description: Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Claim LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Trade Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Trade Management accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVSS: HIGH (7.5) EPSS Score: 0.19% SSVC Exploitation: none
March 27th, 2025 (3 months ago)
|
CVE-2024-22264 |
Description: VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with admin privileges on VMware Avi Load Balancer can create, modify, execute and delete files as a root user on the host system.
CVSS: HIGH (7.2) EPSS Score: 0.49% SSVC Exploitation: none
March 27th, 2025 (3 months ago)
|