CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-36789	An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords that do not conform to defined security standards. Description: An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords that do not conform to defined security standards. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36788	Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and... Description: Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36787	An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attackers to bypass authentication and access the administrative interface via... Description: An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attackers to bypass authentication and access the administrative interface via unspecified vectors. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36783	TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function. Description: TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36782	TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log... Description: TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36779	Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php. Description: Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php. EPSS Score: 0.13% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36775	A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload... Description: A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36774	An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file. Description: An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36773	A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload... Description: A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Themes parameter at index.php. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36745	An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the... Description: An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.index_select parameter. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)