CVE-2024-28770 |
Description: IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 do not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending an http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.
CVSS: MEDIUM (4.8) EPSS Score: 0.05%
February 13th, 2025 (5 months ago)
|
CVE-2024-28766 |
Description: IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in further attacks against the system.
CVSS: LOW (2.4) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
CVE-2024-28127 |
Description: Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
CVE-2024-28047 |
Description: Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVSS: MEDIUM (6.8) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
CVE-2024-26021 |
Description: Improper initialization in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access.
CVSS: MEDIUM (4.6) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
CVE-2024-25571 |
Description: Improper input validation in some Intel(R) SPS firmware before SPS_E5_06.01.04.059.0 may allow a privileged user to potentially enable denial of service via local access.
CVSS: MEDIUM (4.6) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
CVE-2024-24852 |
Description: Uncontrolled search path in some Intel(R) Ethernet Adapter Complete Driver Pack install before version 29.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
CVE-2024-24772 |
Description: A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.
Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue.
CVSS: MEDIUM (4.3) EPSS Score: 0.1%
February 13th, 2025 (5 months ago)
|
CVE-2024-24582 |
Description: Improper input validation in the XmlCli feature for UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
CVE-2024-23563 |
Description: HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.
CVSS: LOW (3.9) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|