Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-54126 |
Description: This vulnerability exists in the TP-Link Archer C50 due to improper signature verification mechanism in the firmware upgrade process at its web interface. An attacker with administrative privileges within the router’s Wi-Fi range could exploit this vulnerability by uploading and executing malicious firmware which could lead to complete compromise of the targeted device.
CVSS: HIGH (8.5) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-53857 |
Description: rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-53856 |
Description: rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-52276 |
Description: User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing.
1. Displayed version does not show the layer flattened version, which is provided when the "Print" option is used.
2. Displayed version does not show the layer flattened version, which is provided when the combined download option is used.
3. Displayed version does not show the layer flattened version, which is also the provided version when downloading the result in the uncombined option.
Once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened.
This issue affects DocuSign: through 2024-12-04.
CVSS: HIGH (8.2) EPSS Score: 0.05%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-52271 |
Description: User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened.
This issue affects Documenso: through 1.8.0, >1.8.0 and Documenso SaaS (Hosted) as of 2024-12-05.
CVSS: HIGH (8.2) EPSS Score: 0.05%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-52270 |
Description: User Interface (UI) Misrepresentation of Critical Information vulnerability in DropBox Sign(HelloSign) allows Content Spoofing.
Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened.
This issue affects DropBox Sign(HelloSign): through 2024-12-04.
CVSS: HIGH (8.2) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-51554 |
Description: Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
CVSS: HIGH (8.8) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-51548 |
Description: Dangerous File Upload vulnerabilities allow upload of malicious scripts.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
CVSS: HIGH (8.7) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-51546 |
Description: Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
CVSS: HIGH (8.7) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-51544 |
Description: Service Control vulnerabilities allow access to service restart requests and vm configuration settings.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
CVSS: HIGH (8.2) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|