CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-38277 |
Description: A unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the two.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (7 months ago)
|
|
CVE-2024-37575 |
Description: The Mister org.mistergroup.shouldianswer application 1.4.264 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the org.mistergroup.shouldianswer.ui.default_dialer.DefaultDialerActivity component.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (7 months ago)
|
|
CVE-2024-37574 |
Description: The GriceMobile com.grice.call application 4.5.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.iui.mobile.presentation.MobileActivity.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (7 months ago)
|
|
CVE-2024-36671 |
Description: nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the getnum function at /modules/struct.c.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (7 months ago)
|
|
CVE-2024-36623 |
Description: moby v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (7 months ago)
|
|
CVE-2024-36621 |
Description: moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (7 months ago)
|
|
CVE-2024-36620 |
moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.
Description: moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (7 months ago)
|
|
CVE-2024-34500 |
Description: An issue was discovered in the UnlinkedWikibase extension in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. XSS can occur through an interface message. Error messages (in the $err var) are not escaped before being passed to Html::rawElement() in the getError() function in the Hooks class.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (7 months ago)
|
|
CVE-2024-34468 |
Description: Rukovoditel before 3.5.3 allows XSS via user_photo to My Page.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 5th, 2024 (7 months ago)
|
|
CVE-2024-33766 |
Description: lunasvg v2.3.9 was discovered to contain an FPE (Floating Point Exception) at blend_transformed_tiled_argb.isra.0.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 5th, 2024 (7 months ago)
|