CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-48121

Description: The HI-SCAN 6040i Hitrax HX-03-19-I was discovered to transmit user credentials in cleartext over the GIOP protocol. This allows attackers to possibly gain access to sensitive information via a man-in-the-middle attack.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-47665

Description: In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup Definitely condition dma_get_cache_alignment * defined value > 256 during driver initialization is not reason to BUG_ON(). Turn that to graceful error out with -EINVAL.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-44136

Description: This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-42159

Description: In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask, values larger then size of this field shouldn't be allowed.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-41454

Description: An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or HTML file.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-41453

Description: A cross-site scripting (XSS) vulnerability in Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-40854

Description: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to cause unexpected system termination.

EPSS Score: 0.05%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-40839

Description: This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-40771

Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, watchOS 10.5, tvOS 17.5, macOS Ventura 13.6.7, visionOS 1.2. An app may be able to execute arbitrary code with kernel privileges.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-39967

Description: Insecure permissions in Aginode GigaSwitch v5 allows attackers to access sensitive information via using the SCP command.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)