CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-33471	An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to SMTP credentials in plaintext via a crafted AJAX... Description: An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to SMTP credentials in plaintext via a crafted AJAX request. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-33470	An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passback... Description: An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passback attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-33454	Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the Bluetooth stack... Description: Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the Bluetooth stack component. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-33450	SQL Injection in Finereport v.8.0 allows a remote attacker to obtain sensitive information Description: SQL Injection in Finereport v.8.0 allows a remote attacker to obtain sensitive information EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-33433	Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest... Description: Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-33402	A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to... Description: A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-33250	An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute... Description: An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute arbitrary code via a crafted request. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-33228	An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and... Description: An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-33227	An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code via... Description: An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-33226	An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute... Description: An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)