Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-39883 |
Description: Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.
CVSS: HIGH (8.8) EPSS Score: 0.15% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|
|
CVE-2024-39882 |
Description: Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.
CVSS: HIGH (8.8) EPSS Score: 0.15% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|
|
CVE-2024-39881 |
Description: Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.
CVSS: HIGH (8.8) EPSS Score: 0.15% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|
|
CVE-2024-39880 |
Description: Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.15% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|
|
CVE-2024-39874 |
Description: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its Client Communication component. This could allow an attacker to learn user credentials that are vulnerable to brute force attacks.
CVSS: HIGH (7.5) EPSS Score: 0.15% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|
|
CVE-2024-39873 |
Description: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its web API. This could allow an attacker to learn user credentials that are vulnerable to brute force attacks.
CVSS: HIGH (7.5) EPSS Score: 0.15% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|
|
CVE-2024-39868 |
Description: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit VxLAN configuration information of networks for which they have no privileges.
CVSS: HIGH (7.6) EPSS Score: 0.4% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|
|
CVE-2024-39867 |
Description: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit device configuration information of devices for which they have no privileges.
CVSS: HIGH (7.6) EPSS Score: 0.4% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|
|
CVE-2024-39866 |
Description: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. This could allow an attacker with access to the backup encryption key and with the right to upload backup files to create a user with administrative privileges.
CVSS: HIGH (8.8) EPSS Score: 0.11% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|
|
CVE-2024-39865 |
Description: A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker with access to the backup encryption key to upload malicious files, that could potentially lead to remote code execution.
CVSS: HIGH (8.8) EPSS Score: 0.95% SSVC Exploitation: none
May 1st, 2025 (11 days ago)
|