CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-43491	Microsoft Windows Update Remote Code Execution Vulnerability Description: Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support. CVSS: CRITICAL (9.8) EPSS Score: 0.1% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-43489	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVSS: MEDIUM (6.5) EPSS Score: 0.09% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-43487	Windows Mark of the Web Security Feature Bypass Vulnerability Description: Windows Mark of the Web Security Feature Bypass Vulnerability CVSS: MEDIUM (6.5) EPSS Score: 0.06% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-43482	Microsoft Outlook for iOS Information Disclosure Vulnerability Description: Microsoft Outlook for iOS Information Disclosure Vulnerability CVSS: MEDIUM (6.5) EPSS Score: 0.06% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-43479	Microsoft Power Automate Desktop Remote Code Execution Vulnerability Description: Microsoft Power Automate Desktop Remote Code Execution Vulnerability CVSS: HIGH (8.5) EPSS Score: 0.05% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-43477	Microsoft Entra ID Elevation of Privilege Vulnerability Description: Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID's on another tenant. CVSS: HIGH (7.5) EPSS Score: 0.05% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-43476	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Description: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability CVSS: HIGH (7.6) EPSS Score: 0.05% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-43475	Microsoft Windows Admin Center Information Disclosure Vulnerability Description: Microsoft Windows Admin Center Information Disclosure Vulnerability CVSS: HIGH (7.3) EPSS Score: 0.06% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-43474	Microsoft SQL Server Information Disclosure Vulnerability Description: Microsoft SQL Server Information Disclosure Vulnerability CVSS: HIGH (7.6) EPSS Score: 0.13% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-43472	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability CVSS: MEDIUM (5.8) EPSS Score: 0.12% Source: CVE January 1st, 2025 (6 months ago)