CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-22774	An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe... Description: An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-22641	TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file. Description: TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-22590	The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be... Description: The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-22588	Kwik commit 745fd4e2 does not discard unused encryption keys. Description: Kwik commit 745fd4e2 does not discard unused encryption keys. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-22525	dnspod-sr 0dfbd37 contains a SEGV. Description: dnspod-sr 0dfbd37 contains a SEGV. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-22524	dnspod-sr 0dfbd37 is vulnerable to buffer overflow. Description: dnspod-sr 0dfbd37 is vulnerable to buffer overflow. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-22393	Apache Answer: Pixel Flood Attack by uploading the large pixel file Description: Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content. Users are recommended to upgrade to version [1.2.5], which fixes the issue. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-2216	A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission... Description: A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-2215	A cross-site request forgery (CSRF) vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an... Description: A cross-site request forgery (CSRF) vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-22074	Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 1.7.2531, 1.6.0428 through 1.6.1112, 1.5.0625 through 1.5.3116, 1.4.0618 through... Description: Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 1.7.2531, 1.6.0428 through 1.6.1112, 1.5.0625 through 1.5.3116, 1.4.0618 through 1.4.1230, and 1.0.516 through 1.3.0115 has Incorrect Access Control. This is fixed in 1.8.2014, 1.7.4212, 1.6.3212, 1.5.31212, 1.4.3212, and 1.3.3212. EPSS Score: 0.09% Source: CVE February 14th, 2025 (5 months ago)