CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-48121 |
Description: The HI-SCAN 6040i Hitrax HX-03-19-I was discovered to transmit user credentials in cleartext over the GIOP protocol. This allows attackers to possibly gain access to sensitive information via a man-in-the-middle attack.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2024-47665 |
Description: In the Linux kernel, the following vulnerability has been resolved:
i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup
Definitely condition dma_get_cache_alignment * defined value > 256
during driver initialization is not reason to BUG_ON(). Turn that to
graceful error out with -EINVAL.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2024-44136 |
Description: This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2024-42159 |
Description: In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Sanitise num_phys
Information is stored in mr_sas_port->phy_mask, values larger then size of
this field shouldn't be allowed.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2024-41454 |
Description: An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or HTML file.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2024-41453 |
Description: A cross-site scripting (XSS) vulnerability in Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2024-40854 |
Description: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to cause unexpected system termination.
EPSS Score: 0.05%
January 16th, 2025 (6 months ago)
|
|
CVE-2024-40839 |
Description: This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2024-40771 |
Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, watchOS 10.5, tvOS 17.5, macOS Ventura 13.6.7, visionOS 1.2. An app may be able to execute arbitrary code with kernel privileges.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
|
CVE-2024-39967 |
Description: Insecure permissions in Aginode GigaSwitch v5 allows attackers to access sensitive information via using the SCP command.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|