CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-29161 |
Description: HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-29160 |
Description: HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-29157 |
Description: HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-29133 |
Description: Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1.
Users are recommended to upgrade to version 2.10.1, which fixes the issue.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-29120 |
Description: In Streampark (version < 2.1.4), when a user logged in successfully, the Backend service would return "Authorization" as the front-end authentication credential. User can use this credential to request other users' information, including the administrator's username, password, salt value, etc.
Mitigation:
all users should upgrade to 2.1.4
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2887 |
Description: Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.11%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2886 |
Description: Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.07%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2885 |
Description: Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.07%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2883 |
Description: Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
EPSS Score: 0.07%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-28752 |
Description: A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.
EPSS Score: 0.06%
February 14th, 2025 (5 months ago)
|