CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-53507 |
Description: A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (7 months ago)
|
|
CVE-2024-53506 |
Description: A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (7 months ago)
|
|
CVE-2024-53505 |
Description: A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (7 months ago)
|
|
CVE-2024-53504 |
Description: A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (7 months ago)
|
|
CVE-2024-53484 |
Description: Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard-coded JWT signing key.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 3rd, 2024 (7 months ago)
|
|
CVE-2024-53477 |
Description: JFinal CMS 5.1.0 is vulnerable to Command Execution via unauthorized execution of deserialization in the file ApiForm.java
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (7 months ago)
|
|
CVE-2024-53459 |
Description: Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting (XSS) via the /scgi?sid parameter.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (7 months ago)
|
|
CVE-2024-53375 |
Description: Authenticated remote code execution (RCE) vulnerabilities affect TP-Link Archer, Deco, and Tapo series routers. A vulnerability exists in the "tmp_get_sites" function of the HomeShield functionality provided by TP-Link. This vulnerability is still exploitable without the installation or activation of the HomeShield functionality.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (7 months ago)
|
|
CVE-2024-53364 |
Description: A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (7 months ago)
|
|
CVE-2024-53124 |
Description: In the Linux kernel, the following vulnerability has been resolved:
net: fix data-races around sk->sk_forward_alloc
Syzkaller reported this warning:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0
Modules linked in:
CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
RIP: 0010:inet_sock_destruct+0x1c5/0x1e0
Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 <0f> 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00
RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206
RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007
RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00
RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007
R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00
R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78
FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
? __warn+0x88/0x130
? inet_sock_destruct+0x1c5/0x1e0
? report_bug+0x18e/0...
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (7 months ago)
|