CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-31844 |
Description: An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a disclosure of information about the server. An unauthenticated user is able craft specific requests in order to make the application generate an error. Inside an error message, some information about the server is revealed, such as the absolute path of the source code of the application. This kind of information can help an attacker to perform other attacks against the system. This can be exploited without authentication.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-31843 |
Description: An issue was discovered in Italtel Embrace 1.6.4. The Web application does not properly check the parameters sent as input before they are processed on the server side. This allows authenticated users to execute commands on the Operating System.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-31840 |
Description: An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords in the HTML source code. An authenticated user is able to edit the configuration of the email server. Once the user access the edit function, the web application fills the edit form with the current credentials for the email account, including the cleartext password.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-31810 |
Description: TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-31803 |
Description: Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attacker to execute arbitrary code via the FerretCOT::read_pre_data128_from_file function.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-31771 |
Description: Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted file
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-31757 |
Description: An issue in TeraByte Unlimited Image for Windows v.3.64.0.0 and before and fixed in v.4.0.0.0 allows a local attacker to escalate privileges via the TBOFLHelper64.sys and TBOFLHelper.sys component.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-31756 |
Description: An issue in MarvinTest Solutions Hardware Access Driver v.5.0.3.0 and before and fixed in v.5.0.4.0 allows a local attacker to escalate privileges via the Hw65.sys component.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-31714 |
Description: Buffer Overflow vulnerability in Waxlab wax v.0.9-3 and before allows an attacker to cause a denial of service via the Lua library component.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-31684 |
Description: Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|