CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-54959 |
Description: Nagios XI 2024R1.2.2 is vulnerable to a Cross-Site Request Forgery (CSRF) attack through the Favorites component, enabling POST-based Cross-Site Scripting (XSS).
EPSS Score: 0.03%
February 21st, 2025 (5 months ago)
|
|
CVE-2024-54958 |
Description: Nagios XI 2024R1.2.2 is susceptible to a stored Cross-Site Scripting (XSS) vulnerability in the Tools page. This flaw allows an attacker to inject malicious scripts into the Tools interface, which are then stored and executed in the context of other users accessing the page.
EPSS Score: 0.03%
February 21st, 2025 (5 months ago)
|
|
CVE-2024-54756 |
Description: A remote code execution (RCE) vulnerability in the ZScript function of ZDoom Team GZDoom v4.13.1 allows attackers to execute arbitrary code via supplying a crafted PK3 file containing a malicious ZScript source file.
EPSS Score: 0.1%
February 21st, 2025 (5 months ago)
|
|
CVE-2024-49782 |
Description: IBM OpenPages with Watson 8.3 and 9.0
could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit this vulnerability to gain access to sensitive information disclosed through email notifications generated by OpenPages or disrupt notification delivery.
CVSS: MEDIUM (6.8) EPSS Score: 0.09%
February 21st, 2025 (5 months ago)
|
|
CVE-2024-49781 |
Description: IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
CVSS: HIGH (7.1) EPSS Score: 0.18%
February 21st, 2025 (5 months ago)
|
|
CVE-2024-49780 |
Description: IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to traverse directories on the system. An attacker with privileges to perform Import Configuration could send a specially crafted http request containing "dot dot" sequences (/../) in the file name parameter used in Import Configuration to write files to arbitrary locations outside of the specified directory and possibly overwrite arbitrary files.
CVSS: MEDIUM (5.3) EPSS Score: 0.24%
February 21st, 2025 (5 months ago)
|
|
CVE-2024-49779 |
Description: IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages
could allow a remote attacker to bypass security restrictions, caused by improper validation and management of authentication cookies. By modifying the CSRF token and Session Id cookie parameters using the cookies of another user, a remote attacker could exploit this vulnerability to bypass security restrictions and gain unauthorized access to the vulnerable application.
CVSS: MEDIUM (4.3) EPSS Score: 0.05%
February 21st, 2025 (5 months ago)
|
|
CVE-2024-49355 |
Description: IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature.
CVSS: MEDIUM (5.3) EPSS Score: 0.03%
February 21st, 2025 (5 months ago)
|
|
CVE-2024-49344 |
Description: IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages
with Watson Assistant chat feature enabled the application establishes a session when a user logs in and uses chat, but the chat session is still left active after logout.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
February 21st, 2025 (5 months ago)
|
|
CVE-2024-49337 |
Description: IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages
is vulnerable to HTML injection, caused by improper validation of user-supplied input of text fields used to construct workflow email notifications. A remote authenticated attacker could exploit this vulnerability using HTML tags in a text field of an object to inject malicious script into an email which would be executed in a victim's mail client within the security context of the OpenPages mail message. An attacker could use this for phishing or identity theft attacks.
CVSS: MEDIUM (5.4) EPSS Score: 0.03%
February 21st, 2025 (5 months ago)
|