CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-36556 |
Description: Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever KidsWatch Call Me 2 KW60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b have a Hardcoded password vulnerability.
EPSS Score: 0.04%
February 7th, 2025 (5 months ago)
|
|
CVE-2024-36555 |
Description: Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever KidsWatch Call Me 2 KW-60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b allows malicious users to change the device IMEI-number which allows for forging the identity of the device.
EPSS Score: 0.04%
February 7th, 2025 (5 months ago)
|
|
CVE-2024-36554 |
Description: Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever KidsWatch Call Me KW-60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b allow a malicious user to gain information about the device by sending an SMS to the device which returns sensitive information.
EPSS Score: 0.04%
February 7th, 2025 (5 months ago)
|
|
CVE-2024-36553 |
Description: Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h is vulnerable to MITM attack.
EPSS Score: 0.04%
February 7th, 2025 (5 months ago)
|
|
CVE-2024-34329 |
Description: Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.5 and earlier without the dxp1-patch-E24-004 patch allows unauthenticated attackers to execute arbitrary code as SYSTEM via a crafted DLL payload.
EPSS Score: 0.05%
February 7th, 2025 (5 months ago)
|
|
CVE-2024-33898 |
Description: Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 is affected by an Incorrect Access Control vulnerability. An authorization bypass allows remote attackers to achieve unauthenticated remote code execution.
EPSS Score: 0.04%
February 7th, 2025 (5 months ago)
|
|
CVE-2024-3094 |
Description: Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0.
Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
EPSS Score: 34.42%
February 7th, 2025 (5 months ago)
|
|
CVE-2024-25883 |
Description: The mstatus register in RSD commit 3d13a updates incorrectly, leading to processing errors.
EPSS Score: 0.04%
February 7th, 2025 (5 months ago)
|
|
CVE-2024-1485 |
Description: A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious archive and cause the cleanup process to overwrite or delete files outside of the archive, which should not be allowed.
EPSS Score: 0.11%
February 7th, 2025 (5 months ago)
|
|
CVE-2024-1139 |
Description: A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret.
EPSS Score: 0.04%
February 7th, 2025 (5 months ago)
|