CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-26367 |
Description: Cross Site Scripting vulnerability in Evertz microsystems MViP-II Firmware 8.6.5, XPS-EDGE-* Build 1467, evEDGE-EO-* Build 0029, MMA10G-* Build 0498, 570IPG-X19-10G Build 0691 allows a remote attacker to execute arbitrary code via a crafted payload to the login parameters.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2631 |
Description: Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
EPSS Score: 0.07%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-26308 |
Description: Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26.
Users are recommended to upgrade to version 1.26, which fixes the issue.
EPSS Score: 0.13%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-26307 |
Description: Possible race condition vulnerability in Apache Doris.
Some of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file.
This could theoretically happen, but the impact would be minimal.
This issue affects Apache Doris: before 1.2.8, before 2.0.4.
Users are recommended to upgrade to version 2.0.4, which fixes the issue.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2630 |
Description: Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
EPSS Score: 0.11%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2629 |
Description: Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
EPSS Score: 0.07%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-26280 |
Description: Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewers users to view all information on audit logs, including dag names and usernames they were not permitted to view. With 2.8.2 and newer, Ops and Viewer users do not have audit log permission by default, they need to be explicitly granted permissions to see the logs. Only admin users have audit log permission by default.
Users of Apache Airflow are recommended to upgrade to version 2.8.2 or newer to mitigate the risk associated with this vulnerability
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2628 |
Description: Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)
EPSS Score: 0.07%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2627 |
Description: Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
EPSS Score: 0.11%
February 14th, 2025 (5 months ago)
|
|
CVE-2024-2626 |
Description: Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
EPSS Score: 0.1%
February 14th, 2025 (5 months ago)
|