CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-36730	Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting negative values into the... Description: Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting negative values into the oneflow.zeros/ones parameter. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36729	TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to... Description: TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizard_ipv6 with a sufficiently long reboot_type key. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36728	TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to... Description: TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlan_setting with a sufficiently long dns1 or dns 2 key. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36675	LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function. Description: LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function. EPSS Score: 0.1% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36674	LyLme_spage v1.9.5 is vulnerable to Cross Site Scripting (XSS) via admin/link.php. Description: LyLme_spage v1.9.5 is vulnerable to Cross Site Scripting (XSS) via admin/link.php. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36673	Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via login.php. This vulnerability stems from inadequate... Description: Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via login.php. This vulnerability stems from inadequate validation of user inputs for the email and password parameters, allowing attackers to inject malicious SQL queries. EPSS Score: 0.13% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36670	idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=del Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=del EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36669	idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=add. Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=add. EPSS Score: 0.07% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36668	idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=del Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=del EPSS Score: 0.07% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-36667	idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/idcProType_deal.php?mudi=add&nohrefStr=close Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/idcProType_deal.php?mudi=add&nohrefStr=close EPSS Score: 0.07% Source: CVE February 14th, 2025 (5 months ago)