Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-43637
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability

CVSS: MEDIUM (6.8)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43634
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability

CVSS: MEDIUM (6.8)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43633
Windows Hyper-V Denial of Service Vulnerability
Description: Windows Hyper-V Denial of Service Vulnerability

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43631
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Description: Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVSS: MEDIUM (6.7)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-40883
Description: Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected product with an administrative privilege, the user may be directed to perform unintended operations such as changing the login ID, login password, etc.

CVSS: MEDIUM (6.5)

EPSS Score: 0.06%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-39607
Description: OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the affected product by a logged-in user with an administrative privilege to execute an arbitrary OS command.

CVSS: MEDIUM (6.8)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-39281
Unbounded allocation in ctl(4) CAM Target Layer
Description: The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-38834
Stored cross-site scripting vulnerability (CVE-2024-38834)
Description: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-38833
Stored cross-site scripting vulnerability (CVE-2024-38833)
Description: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

CVSS: MEDIUM (6.8)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-38264
Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability
Description: Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability

CVSS: MEDIUM (5.9)

EPSS Score: 0.07%

Source: CVE
November 27th, 2024 (5 months ago)