CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-33891 |
Description: Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP API in SecretServer/webservices/SSWebService.asmx. This is related to a hardcoded key, the use of the integer 2 for the Admin user, and removal of the oauthExpirationId attribute.
CVSS: HIGH (8.8) EPSS Score: 0.05%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-32942 |
Description: Incorrect default permissions for some Intel(R) DSA installer for Windows before version 24.2.19.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-32941 |
Description: NULL pointer dereference for some Intel(R) MLC software before version v3.11b may allow an authenticated user to potentially enable denial of service via local access.
CVSS: MEDIUM (6.9) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-32938 |
Description: Uncontrolled search path for some Intel(R) MPI Library for Windows software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-32838 |
Description: SQL Injection vulnerability in various API endpoints - offices, dashboards, etc. Apache Fineract versions 1.9 and before have a vulnerability that allows an authenticated attacker to inject malicious data into some of the REST API endpoints' query parameter.
Users are recommended to upgrade to version 1.10.1, which fixes this issue.
A SQL Validator has been implemented which allows us to configure a series of tests and checks against our SQL queries that will allow us to validate and protect against nearly all potential SQL injection attacks.
EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-31858 |
Description: Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS: HIGH (7.3) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-31157 |
Description: Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVSS: MEDIUM (6.8) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-31155 |
Description: Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-31153 |
Description: Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable denial of service via local access.
CVSS: MEDIUM (5.1) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-31068 |
Description: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel(R) Processors may allow privileged user to potentially enable denial of service via local access.
CVSS: MEDIUM (5.6) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|