CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-57587

Description: EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to SQL Injection on the authentication portal.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-57435

Description: In macrozheng mall-tiny 1.0.1, an attacker can send null data through the resource creation interface resulting in a null pointer dereference occurring in all subsequent operations that require authentication, which triggers a denial-of-service attack and service restart failure.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-57434

Description: macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users by default, and the test user is made a super administrator.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-57433

Description: macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function. After a user logs out, their token is still available and fetches information in the logged-in state.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-57432

Description: macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys are hardcoded and do not change. User information is explicitly written into the JWT and used for subsequent privilege management, making it is possible to forge the JWT of any user to achieve authentication bypass.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-55062

Description: EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to Command injection.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-53584

Description: OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-53582

Description: An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-53537

Description: An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-53357

Description: In EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0, the AES encryption keys used to encrypt passwords are not stored securely.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)