CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-22049 |
Description: httparty before 0.21.0 is vulnerable to an assumed-immutable web parameter vulnerability. A remote and unauthenticated attacker can provide a crafted filename parameter during multipart/form-data uploads which could result in attacker controlled filenames being written.
EPSS Score: 0.2%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2193 |
Description: A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2176 |
Description: Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.08%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-21742 |
Description: Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message.
This can be exploited by an attacker to add unintended headers to MIME messages.
EPSS Score: 0.08%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2174 |
Description: Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.08%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-21733 |
Description: Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.
Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.
EPSS Score: 0.53%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2173 |
Description: Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.08%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2056 |
Description: Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the "tailon" service is running, running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Security issues associated with exposing this network service are documented at gvalkov's 'tailon' GitHub repo. Using the tailon service, the contents of any file on the Artica Proxy can be viewed.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2055 |
Description: The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2054 |
Description: The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user.
EPSS Score: 0.48%
February 14th, 2025 (5 months ago)
|