Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-48997 |
Description: SQL Server Native Client Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.15%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-48996 |
Description: SQL Server Native Client Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.15%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-48995 |
Description: SQL Server Native Client Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.15%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-48994 |
Description: SQL Server Native Client Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.15%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-48993 |
Description: SQL Server Native Client Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.15%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-48991 |
Description: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).
CVSS: HIGH (7.8) EPSS Score: 0.05%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-48986 |
Description: An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. Certain events cause a callback, the logic for which allocates a buffer (the length of which is determined by looking up the event type in a table). The subsequent write operation, however, copies the amount of data specified in the packet header, which may lead to a buffer overflow. This bug is trivial to exploit for a denial of service but is not certain to suffice to bring the system down and can generally not be exploited further because the exploitable buffer is dynamically allocated.
CVSS: HIGH (7.5) EPSS Score: 0.05%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-48861 |
Description: An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands.
We have already fixed the vulnerability in the following versions:
QuRouter 2.4.4.106 and later
CVSS: HIGH (7.3) EPSS Score: 0.04%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-47257 |
Description: Florent ThiƩry has found that selected Axis devices were vulnerable to handling certain ethernet frames which could lead to the Axis device becoming unavailable in the network.
Axis has released patched AXIS OS versions for the highlighted flaw for products that are still under AXIS OS software support. Please refer to the Axis security advisory for more information and solution.
CVSS: HIGH (7.5) EPSS Score: 0.04%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-45755 |
Description: An issue was discovered in Centreon centreon-dsm-server 24.10.x before 24.10.0, 24.04.x before 24.04.3, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. SQL injection can occur in the form to configure Centreon DSM slots. Exploitation is only accessible to authenticated users with high-privileged access.
CVSS: HIGH (7.2) EPSS Score: 0.04%
November 27th, 2024 (5 months ago)
|