CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-36789

Description: An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords that do not conform to defined security standards.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-36788

Description: Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices.

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-36787

Description: An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attackers to bypass authentication and access the administrative interface via unspecified vectors.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-36783

Description: TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-36782

Description: TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-36779

Description: Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php.

EPSS Score: 0.13%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-36775

Description: A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page.

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-36774

Description: An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file.

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-36773

Description: A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Themes parameter at index.php.

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-36745

Description: An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.index_select parameter.

EPSS Score: 0.05%

Source: CVE
February 14th, 2025 (5 months ago)