CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-57538	Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to... Description: Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)
CVE-2024-57537	Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without... Description: Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)
CVE-2024-57536	Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status. Description: Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)
CVE-2024-57360	https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is:... Description: https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: `nm --without-symbol-version` function. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)
CVE-2024-57036	TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability... Description: TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)
CVE-2024-56998	PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /edit-profile.php via the parameter $address. Description: PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /edit-profile.php via the parameter $address. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)
CVE-2024-56997	PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /doctor/index.php via the 'Email' parameter. Description: PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /doctor/index.php via the 'Email' parameter. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)
CVE-2024-56990	PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /view-medhistory.php and /admin/view-patient.php. Description: PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /view-medhistory.php and /admin/view-patient.php. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)
CVE-2024-55959	Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions. Description: Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)
CVE-2024-55958	Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed versions are 3.24.1 and 3.21.6. Description: Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed versions are 3.24.1 and 3.21.6. EPSS Score: 0.04% Source: CVE January 22nd, 2025 (5 months ago)