CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-52003 |
Description: Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. There is a vulnerability in Traefik that allows the client to provide the X-Forwarded-Prefix header from an untrusted source. This issue has been addressed in versions 2.11.14 and 3.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS: MEDIUM (6.3) EPSS Score: 0.05%
December 3rd, 2024 (6 months ago)
|
|
CVE-2024-51900 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard K Miller What Would Seth Godin Do allows Stored XSS.This issue affects What Would Seth Godin Do: from n/a through 2.1.1.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
December 3rd, 2024 (6 months ago)
|
|
CVE-2024-49581 |
Description: Restricted Views backed objects (OSV1) could be bypassed under specific circumstances due to a software bug, this could have allowed users that didn't have permission to see such objects to view them via Object Explorer directly. This software bug did not impact or otherwise make data available across organizational boundaries nor did it allow for data to be viewed or accessed by unauthenticated users.
The affected service have been patched and automatically deployed to all Apollo-managed Foundry instances.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 3rd, 2024 (6 months ago)
|
|
CVE-2024-38827 |
Description: The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.
CVSS: MEDIUM (4.8) EPSS Score: 0.04%
December 3rd, 2024 (6 months ago)
|
|
CVE-2024-33053 |
Description: Memory corruption when multiple threads try to unregister the CVP buffer at the same time.
CVSS: MEDIUM (6.7) EPSS Score: 0.04%
December 3rd, 2024 (6 months ago)
|
|
CVE-2024-33040 |
Description: Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access.
CVSS: MEDIUM (6.7) EPSS Score: 0.04%
December 3rd, 2024 (6 months ago)
|
|
CVE-2024-33039 |
Description: Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service.
CVSS: MEDIUM (6.7) EPSS Score: 0.04%
December 3rd, 2024 (6 months ago)
|
|
CVE-2024-33037 |
Description: Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
CVSS: MEDIUM (6.1) EPSS Score: 0.04%
December 3rd, 2024 (6 months ago)
|
|
CVE-2024-33036 |
Description: Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
CVSS: MEDIUM (6.7) EPSS Score: 0.04%
December 3rd, 2024 (6 months ago)
|
|
CVE-2024-22272 |
Description: VMware Cloud Director contains an Improper Privilege Management vulnerability.
An authenticated tenant administrator for a
given organization within VMware Cloud Director may be able to
accidentally disable their organization leading to a Denial of Service
for active sessions within their own organization's scope.
CVSS: MEDIUM (4.9) EPSS Score: 0.04%
December 3rd, 2024 (6 months ago)
|