CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-53921 |
Description: An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.
CVSS: LOW (2.8) EPSS Score: 0.04%
December 4th, 2024 (7 months ago)
|
|
CVE-2024-53701 |
Description: Multiple FCNT Android devices provide the original security features such as "privacy mode" where arbitrary applications can be set not to be displayed, etc.
Under certain conditions, and when an attacker can directly operate the device which its screen is unlocked by a user, the provided security features' setting pages may be exposed and/or the settings may be altered, without authentication. For example, specific applications in the device configured to be hidden may be displayed and/or activated.
CVSS: LOW (3.1) EPSS Score: 0.04%
December 4th, 2024 (7 months ago)
|
|
CVE-2024-53564 |
Description: A serious vulnerability was discovered in FreePBX 17.0.19.17. FreePBX does not verify the type of uploaded files and does not restrict user access paths, allowing attackers to remotely control the FreePBX server by uploading malicious files with malicious content and accessing the default directory where the files are uploaded. This will result in particularly serious consequences.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 4th, 2024 (7 months ago)
|
|
CVE-2024-53502 |
Description: Seecms v4.8 was discovered to contain a SQL injection vulnerability in the SEMCMS_SeoAndTag.php page.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 4th, 2024 (7 months ago)
|
|
CVE-2024-53429 |
Description: Open62541 v1.4.6 is has an assertion failure in fuzz_binary_decode, which leads to a crash.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 4th, 2024 (7 months ago)
|
|
CVE-2024-51363 |
Description: Insecure deserialization in Hodoku v2.3.0 to v2.3.2 allows attackers to execute arbitrary code.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 4th, 2024 (7 months ago)
|
|
CVE-2024-51164 |
Description: Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog/insertBtnLog, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 4th, 2024 (7 months ago)
|
|
CVE-2024-51114 |
Description: An issue in Beijing Digital China Yunke Information Technology Co.Ltd v.7.2.6.120 allows a remote attacker to execute arbitrary code via the code/function/dpi/web_auth/customizable.php file
CVSS: LOW (0.0) EPSS Score: 0.04%
December 4th, 2024 (7 months ago)
|
|
CVE-2024-50948 |
Description: An issue in mochiMQTT v2.6.3 allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 4th, 2024 (7 months ago)
|
|
CVE-2024-50724 |
Description: KASO v9.0 was discovered to contain a SQL injection vulnerability via the person_id parameter at /cardcase/editcard.jsp.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 4th, 2024 (7 months ago)
|