CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-36262 |
Description: Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS: HIGH (8.6) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-34579 |
Description: Fuji Electric Alpha5 SMART
is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
CVSS: HIGH (7.8) EPSS Score: 0.07%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-34521 |
Description: A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an administrative user to access system files with the file permissions of the privileged system user running the application.
EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-34520 |
Description: An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an authenticated 'guest' user to perform unauthorized administrative actions, such as accessing the 'add user' feature, by bypassing client-side access controls.
EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-33891 |
Description: Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP API in SecretServer/webservices/SSWebService.asmx. This is related to a hardcoded key, the use of the integer 2 for the Admin user, and removal of the oauthExpirationId attribute.
CVSS: HIGH (8.8) EPSS Score: 0.05%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-32942 |
Description: Incorrect default permissions for some Intel(R) DSA installer for Windows before version 24.2.19.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-32941 |
Description: NULL pointer dereference for some Intel(R) MLC software before version v3.11b may allow an authenticated user to potentially enable denial of service via local access.
CVSS: MEDIUM (6.9) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-32938 |
Description: Uncontrolled search path for some Intel(R) MPI Library for Windows software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-32838 |
Description: SQL Injection vulnerability in various API endpoints - offices, dashboards, etc. Apache Fineract versions 1.9 and before have a vulnerability that allows an authenticated attacker to inject malicious data into some of the REST API endpoints' query parameter.
Users are recommended to upgrade to version 1.10.1, which fixes this issue.
A SQL Validator has been implemented which allows us to configure a series of tests and checks against our SQL queries that will allow us to validate and protect against nearly all potential SQL injection attacks.
EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-31858 |
Description: Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS: HIGH (7.3) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|