CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-9631 |
Description: An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow.
CVSS: HIGH (7.5) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56135 |
Description: Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
CVSS: HIGH (8.4) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56134 |
Description: Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
Multi-Tenant Hypervisor
7.1.35.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
CVSS: HIGH (8.4) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56133 |
Description: Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
CVSS: HIGH (8.4) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56132 |
Description: Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
CVSS: HIGH (8.4) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56131 |
Description: Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
Multi-Tenant Hypervisor
7.1.35.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
CVSS: HIGH (8.4) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-49352 |
Description: IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
CVSS: HIGH (7.1) EPSS Score: 0.05%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-4349 |
Description: A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262489 was assigned to this vulnerability. In SourceCodester Pisay Online E-Learning System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei /lesson/controller.php. Durch das Manipulieren des Arguments file mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.
CVSS: HIGH (7.3) EPSS Score: 0.05%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-39564 |
Description: This is a similar, but different vulnerability than the issue reported as CVE-2024-39549.
A double-free vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This double free of memory is causing an rpd crash, leading to a Denial of Service (DoS).
This issue affects:
Junos OS: * from 22.4 before 22.4R3-S4.
Junos OS Evolved: * from 22.4 before 22.4R3-S4-EVO.
CVSS: HIGH (7.5) EPSS Score: 0.05%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-3052 |
Description: Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is required to recover the gateway.
CVSS: HIGH (7.5) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|