Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-30098
Windows Cryptographic Services Security Feature Bypass Vulnerability
Description: Windows Cryptographic Services Security Feature Bypass Vulnerability

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (4 months ago)

CVE-2024-30081
Windows NTLM Spoofing Vulnerability
Description: Windows NTLM Spoofing Vulnerability

CVSS: HIGH (7.1)

EPSS Score: 0.35%

Source: CVE
December 11th, 2024 (4 months ago)

CVE-2024-30079
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Description: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (4 months ago)

CVE-2024-30061
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
Description: Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

CVSS: HIGH (7.3)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (4 months ago)

CVE-2024-29945
Splunk Authentication Token Exposure in Debug Log in Splunk Enterprise
Description: In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level.

CVSS: HIGH (7.2)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (4 months ago)

CVE-2024-28928
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Description: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (4 months ago)

CVE-2024-28899
Secure Boot Security Feature Bypass Vulnerability
Description: Secure Boot Security Feature Bypass Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (4 months ago)

CVE-2024-23678
Deserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk Partition
Description: In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (4 months ago)

CVE-2024-21542
Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to improper destination...
Description: Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to improper destination file path validation in the _extract_packages_archive function.

CVSS: HIGH (7.7)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (4 months ago)

CVE-2024-21425
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Description: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (4 months ago)