CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-56990 |
Description: PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /view-medhistory.php and /admin/view-patient.php.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-55959 |
Description: Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-55958 |
Description: Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed versions are 3.24.1 and 3.21.6.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-55504 |
Description: An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject arbitrary code potentially leading to remote control and unauthorized access to sensitive user data via the exploit_combined.dylib component on MacOS.
EPSS Score: 0.05%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-54795 |
Description: SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the create/edit forms of the worksheet designer function.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-54794 |
Description: The script input feature of SpagoBI 3.5.1 allows arbitrary code execution.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-54792 |
Description: A Cross-Site Request Forgery (CSRF) vulnerability has been found in SpagoBI v3.5.1 in the user administration panel. An authenticated user can lead another user into executing unwanted actions inside the application they are logged in, like adding, editing or deleting users.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-51941 |
Description: A remote code injection vulnerability exists in the Ambari Metrics and
AMS Alerts feature, allowing authenticated users to inject and execute
arbitrary code. The vulnerability occurs when processing alert
definitions, where malicious input can be injected into the alert script
execution path. An attacker with authenticated access can exploit this
vulnerability to execute arbitrary commands on the server. The issue has
been fixed in the latest versions of Ambari.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-51417 |
Description: An issue in System.Linq.Dynamic.Core Latest version v.1.4.6 allows remote access to properties on reflection types and static properties/fields.
EPSS Score: 0.05%
January 22nd, 2025 (5 months ago)
|
|
CVE-2024-49748 |
Description: In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|