Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-52547 |
Description: An authenticated attacker can trigger a stack based buffer overflow in the DHIP Service (TCP port 80). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111.
CVSS: HIGH (7.2) EPSS Score: 0.04%
December 4th, 2024 (5 months ago)
|
|
CVE-2024-51771 |
Description: A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated remote threat actor to conduct a remote code execution attack. Successful exploitation could enable the attacker to run arbitrary commands on the underlying operating system.
CVSS: HIGH (7.2) EPSS Score: 0.04%
December 4th, 2024 (5 months ago)
|
|
CVE-2024-49420 |
Description: Improper handling of responses in GamingHub prior to version 6.1.04.6 in Korea, 7.1.03.7 in Global allows remote attackers to launch arbitrary activity.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 4th, 2024 (5 months ago)
|
|
CVE-2024-49415 |
Description: Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code.
CVSS: HIGH (8.1) EPSS Score: 0.04%
December 4th, 2024 (5 months ago)
|
|
CVE-2024-49413 |
Description: Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1 allows local attackers to install malicious applications.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 4th, 2024 (5 months ago)
|
|
CVE-2024-48992 |
Description: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
CVSS: HIGH (7.8) EPSS Score: 0.05%
December 4th, 2024 (5 months ago)
|
|
CVE-2024-48990 |
Description: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
CVSS: HIGH (7.8) EPSS Score: 0.25%
December 4th, 2024 (5 months ago)
|
|
CVE-2024-47476 |
Description: Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution.
CVSS: HIGH (7.8) EPSS Score: 0.04%
December 4th, 2024 (5 months ago)
|
|
CVE-2024-45068 |
Description: Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA.
This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 4th, 2024 (5 months ago)
|
|
CVE-2024-42422 |
Description: Dell NetWorker, version(s) 19.10, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
CVSS: HIGH (8.3) EPSS Score: 0.04%
December 4th, 2024 (5 months ago)
|