CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-11628 |
Description: In Progress® Telerik® Kendo UI for Vue versions v2.4.0 through v6.0.1, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection.
CVSS: MEDIUM (4.1) EPSS Score: 0.05%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-11343 |
Description: In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), unzipping an archive can lead to arbitrary file system access.
CVSS: HIGH (8.3) EPSS Score: 0.05%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-10960 |
Description: The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'storeUploads' function in all versions up to, and including, 2.6.4. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVSS: CRITICAL (9.9) EPSS Score: 0.05%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-10322 |
Description: The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
CVSS: MEDIUM (6.4) EPSS Score: 0.05%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-0145 |
Description: NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a heap-based buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering.
CVSS: MEDIUM (6.8) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-0144 |
Description: NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to data tampering.
CVSS: MEDIUM (6.8) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-0143 |
Description: NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering.
CVSS: MEDIUM (6.8) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
CVE-2024-0142 |
Description: NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering.
CVSS: MEDIUM (6.8) EPSS Score: 0.04%
February 13th, 2025 (5 months ago)
|
|
Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
February 12th, 2025 (5 months ago)
|
|
|
Description: A Threat Actor Allegedly is Selling RDWeb Access to an Unidentified Insurance Company in the USA
February 12th, 2025 (5 months ago)
|