CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-33600 |
Description: nscd: Null pointer crashes after notfound response
If the Name Service Cache Daemon's (nscd) cache fails to add a not-found
netgroup response to the cache, the client request can result in a null
pointer dereference. This flaw was introduced in glibc 2.15 when the
cache was added to nscd.
This vulnerability is only present in the nscd binary.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-33599 |
Description: nscd: Stack-based buffer overflow in netgroup cache
If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted
by client requests then a subsequent client request for netgroup data
may result in a stack-based buffer overflow. This flaw was introduced
in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-33529 |
Description: ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated attackers with administrative privileges to execute operating system commands via file uploads with dangerous types.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-33528 |
Description: A Stored Cross-site Scripting (XSS) vulnerability in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with tutor privileges to inject arbitrary web script or HTML via XML file upload.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-33527 |
Description: A Stored Cross-site Scripting (XSS) vulnerability in the "Import of Users and login name of user" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-33526 |
Description: A Stored Cross-site Scripting (XSS) vulnerability in the "Import of user role and title of user role" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-33525 |
Description: A Stored Cross-site Scripting (XSS) vulnerability in the "Import of organizational units and title of organizational unit" feature in ILIAS 7.20 to 7.29 and ILIAS 8.4 to 8.10 as well as ILIAS 9.0 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-33485 |
Description: SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source Code V1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the login.php component
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-33471 |
Description: An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to SMTP credentials in plaintext via a crafted AJAX request. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-33470 |
Description: An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passback attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|