CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-43771 |
Description: In gatts_process_read_req of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-43770 |
Description: In gatts_process_find_info of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-43763 |
Description: In build_read_multi_rsp of gatt_sr.cc, there is a possible denial of service due to a logic error in the code. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-43096 |
Description: In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-42936 |
Description: The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is vulnerable to Remote Code Execution via a modified MQTT broker message.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-34722 |
Description: In smp_proc_rand of smp_act.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS Score: 0.05%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-24445 |
Description: OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is unsupported, OAI indexes into a null function pointer and subsequently dereferences it.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-24444 |
Description: Improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-24443 |
Description: An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDU Session Resource Setup Response.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-24428 |
Description: A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.
EPSS Score: 0.05%
January 22nd, 2025 (5 months ago)
|