CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-57065 |
Description: A prototype pollution in the lib.createPath function of utile v0.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-57064 |
Description: A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-57063 |
Description: A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56473 |
Description: IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address, which is written to log files, due to improper verification of 'Client-IP' headers.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56472 |
Description: IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS: MEDIUM (6.4) EPSS Score: 0.05%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56471 |
Description: IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56470 |
Description: IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56135 |
Description: Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
CVSS: HIGH (8.4) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56134 |
Description: Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
Multi-Tenant Hypervisor
7.1.35.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
CVSS: HIGH (8.4) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-56133 |
Description: Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
CVSS: HIGH (8.4) EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|