CyberAlerts

CVE-2024-48861

QHora

Description: An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later

CVSS: HIGH (7.3)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (6 months ago)

CVE-2024-47257

Description: Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet frames which could lead to the Axis device becoming unavailable in the network. Axis has released patched AXIS OS versions for the highlighted flaw for products that are still under AXIS OS software support. Please refer to the Axis security advisory for more information and solution.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (6 months ago)

CVE-2024-45755

Description: An issue was discovered in Centreon centreon-dsm-server 24.10.x before 24.10.0, 24.04.x before 24.04.3, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. SQL injection can occur in the form to configure Centreon DSM slots. Exploitation is only accessible to authenticated users with high-privileged access.

CVSS: HIGH (7.2)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (6 months ago)

CVE-2024-45369

mySCADA myPRO Improper Authentication

Description: The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource.

CVSS: HIGH (8.1)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (6 months ago)

CVE-2024-43689

Description: Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed.

CVSS: HIGH (8.8)

EPSS Score: 0.09%

Source: CVE

November 27th, 2024 (6 months ago)

CVE-2024-43644

Windows Client-Side Caching Elevation of Privilege Vulnerability

Description: Windows Client-Side Caching Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE

November 27th, 2024 (6 months ago)

CVE-2024-43642

Windows SMB Denial of Service Vulnerability

Description: Windows SMB Denial of Service Vulnerability

CVSS: HIGH (7.5)

EPSS Score: 0.09%

Source: CVE

November 27th, 2024 (6 months ago)

CVE-2024-43641

Windows Registry Elevation of Privilege Vulnerability

Description: Windows Registry Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE

November 27th, 2024 (6 months ago)

CVE-2024-43640

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Description: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE

November 27th, 2024 (6 months ago)

CVE-2024-43636

Win32k Elevation of Privilege Vulnerability

Description: Win32k Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE

November 27th, 2024 (6 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-48861	QHora Description: An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later CVSS: HIGH (7.3) EPSS Score: 0.04% Source: CVE November 27th, 2024 (6 months ago)
CVE-2024-47257	Description: Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet frames which could lead to the Axis device becoming unavailable in the network. Axis has released patched AXIS OS versions for the highlighted flaw for products that are still under AXIS OS software support. Please refer to the Axis security advisory for more information and solution. CVSS: HIGH (7.5) EPSS Score: 0.04% Source: CVE November 27th, 2024 (6 months ago)
CVE-2024-45755	Description: An issue was discovered in Centreon centreon-dsm-server 24.10.x before 24.10.0, 24.04.x before 24.04.3, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. SQL injection can occur in the form to configure Centreon DSM slots. Exploitation is only accessible to authenticated users with high-privileged access. CVSS: HIGH (7.2) EPSS Score: 0.04% Source: CVE November 27th, 2024 (6 months ago)
CVE-2024-45369	mySCADA myPRO Improper Authentication Description: The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource. CVSS: HIGH (8.1) EPSS Score: 0.04% Source: CVE November 27th, 2024 (6 months ago)
CVE-2024-43689	Description: Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed. CVSS: HIGH (8.8) EPSS Score: 0.09% Source: CVE November 27th, 2024 (6 months ago)
CVE-2024-43644	Windows Client-Side Caching Elevation of Privilege Vulnerability Description: Windows Client-Side Caching Elevation of Privilege Vulnerability CVSS: HIGH (7.8) EPSS Score: 0.05% Source: CVE November 27th, 2024 (6 months ago)
CVE-2024-43642	Windows SMB Denial of Service Vulnerability Description: Windows SMB Denial of Service Vulnerability CVSS: HIGH (7.5) EPSS Score: 0.09% Source: CVE November 27th, 2024 (6 months ago)
CVE-2024-43641	Windows Registry Elevation of Privilege Vulnerability Description: Windows Registry Elevation of Privilege Vulnerability CVSS: HIGH (7.8) EPSS Score: 0.05% Source: CVE November 27th, 2024 (6 months ago)
CVE-2024-43640	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Description: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability CVSS: HIGH (7.8) EPSS Score: 0.05% Source: CVE November 27th, 2024 (6 months ago)
CVE-2024-43636	Win32k Elevation of Privilege Vulnerability Description: Win32k Elevation of Privilege Vulnerability CVSS: HIGH (7.8) EPSS Score: 0.05% Source: CVE November 27th, 2024 (6 months ago)