CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-33471

Description: An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to SMTP credentials in plaintext via a crafted AJAX request. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-33470

Description: An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passback attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-33454

Description: Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the Bluetooth stack component.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-33450

Description: SQL Injection in Finereport v.8.0 allows a remote attacker to obtain sensitive information

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-33433

Description: Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-33402

Description: A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-33250

Description: An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute arbitrary code via a crafted request.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-33228

Description: An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-33227

Description: An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)

CVE-2024-33226

Description: An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

EPSS Score: 0.04%

Source: CVE
February 14th, 2025 (5 months ago)