CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-48125

Description: An issue in the AsDB service of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to enumerate user credentials via crafted GIOP protocol requests.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-48123

Description: An issue in the USB Autorun function of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to execute arbitrary code via uploading a crafted script from a USB device.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-48122

Description: Insecure default configurations in HI-SCAN 6040i Hitrax HX-03-19-I allow authenticated attackers with low-level privileges to escalate to root-level privileges.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-48121

Description: The HI-SCAN 6040i Hitrax HX-03-19-I was discovered to transmit user credentials in cleartext over the GIOP protocol. This allows attackers to possibly gain access to sensitive information via a man-in-the-middle attack.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-47665

Description: In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup Definitely condition dma_get_cache_alignment * defined value > 256 during driver initialization is not reason to BUG_ON(). Turn that to graceful error out with -EINVAL.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-44136

Description: This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-42159

Description: In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask, values larger then size of this field shouldn't be allowed.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-41454

Description: An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or HTML file.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-41453

Description: A cross-site scripting (XSS) vulnerability in Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter.

EPSS Score: 0.04%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-40854

Description: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to cause unexpected system termination.

EPSS Score: 0.05%

Source: CVE
January 16th, 2025 (6 months ago)