CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-52884 |
Description: An issue was discovered in AudioCodes Mediant Session Border Controller (SBC) before 7.40A.501.841. Due to the use of weak password obfuscation/encryption, an attacker with access to configuration exports (INI) is able to decrypt the passwords.
EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2024-52883 |
Description: An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to a path traversal vulnerability, sensitive data can be read without any authentication.
EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2024-52882 |
Description: An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to improper neutralization of input via the devices API, an attacker can inject malicious JavaScript code (XSS) to attack logged-in administrator sessions.
EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2024-52881 |
Description: An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to the use of a hard-coded key, an attacker is able to decrypt sensitive data such as passwords extracted from the topology file.
EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2024-48091 |
Description: Tally Prime Edit Log v2.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.
EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2024-35106 |
Description: NEXTU FLETA AX1500 WIFI6 v1.0.3 was discovered to contain a buffer overflow at /boafrm/formIpQoS. This vulnerability allows attackers to cause a Denial of Service (DoS) or potentially arbitrary code execution via a crafted POST request.
EPSS Score: 0.05%
February 8th, 2025 (5 months ago)
|
|
CVE-2024-3296 |
Description: A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.
EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2024-31420 |
Description: A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine.
EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
|
CVE-2024-2002 |
Description: A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.
EPSS Score: 0.05%
February 8th, 2025 (5 months ago)
|
|
CVE-2024-1013 |
Description: An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.
EPSS Score: 0.05%
February 8th, 2025 (5 months ago)
|