Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-51072
Description: An issue in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to cause a Denial of Service (DoS) via ECU reset UDS service.

CVSS: MEDIUM (5.3)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-51058
Description: Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through src tag, potentially exposing sensitive information.

CVSS: MEDIUM (6.2)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-50377
Description: A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The vulnerability is associated to the backup configuration functionality that by default encrypts the archives using a static password.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-49596
Description: Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service and arbitrary file deletion

CVSS: MEDIUM (5.9)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-49351
IBM Workload Scheduler information disclosure
Description: IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user.

CVSS: MEDIUM (5.5)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-49054
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Description: Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVSS: MEDIUM (4.3)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-49044
Visual Studio Elevation of Privilege Vulnerability
Description: Visual Studio Elevation of Privilege Vulnerability

CVSS: MEDIUM (6.7)

EPSS Score: 0.06%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-49025
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Description: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVSS: MEDIUM (5.4)

EPSS Score: 0.09%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-48747
Description: An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv-cli file.

CVSS: MEDIUM (6.8)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-47854
Description: An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user.

CVSS: MEDIUM (6.1)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)