Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-0003 |
Description: A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.
CVSS: MEDIUM (6.5) EPSS Score: 0.12%
November 28th, 2024 (6 months ago)
|
|
CVE-2024-53426 |
|
|
CVE-2024-43451 |
Description: NTLM Hash Disclosure Spoofing Vulnerability
CVSS: MEDIUM (6.5) EPSS Score: 1.33%
November 27th, 2024 (6 months ago)
|
|
CVE-2024-43449 |
Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVSS: MEDIUM (6.8) EPSS Score: 0.05%
November 27th, 2024 (6 months ago)
|
|
CVE-2024-42412 |
Description: Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser.
CVSS: MEDIUM (6.1) EPSS Score: 0.05%
November 27th, 2024 (6 months ago)
|
|
CVE-2024-34162 |
Description: The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
November 27th, 2024 (6 months ago)
|
|
CVE-2024-32151 |
Description: User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
November 27th, 2024 (6 months ago)
|
|
CVE-2024-29978 |
Description: User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
November 27th, 2024 (6 months ago)
|
|
CVE-2024-29146 |
Description: User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
November 27th, 2024 (6 months ago)
|
|
CVE-2024-28955 |
Description: Affected devices create coredump files when crashed, storing them with world-readable permission. Any local user of the device can examine the coredump files, and research the memory contents. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
November 27th, 2024 (6 months ago)
|