CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-47770	Ability to view Agent list with no privilege access in wazuh-dashboard Description: Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access, that allows an attacker to do privilege escalation. In this case the attacker is able to view agent list on Wazuh dashboard with no privilege access. This issue has been addressed in release version 4.9.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability. CVSS: MEDIUM (4.6) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2024-45584	Untrusted Pointer Dereference in Automotive Android OS Description: Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. CVSS: HIGH (7.8) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2024-45582	Improper Validation of Array Index in Camera Driver Description: Memory corruption while validating number of devices in Camera kernel . CVSS: HIGH (7.8) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2024-45573	Use of Out-of-range Pointer Offset in Display Description: Memory corruption may occour while generating test pattern due to negative indexing of display ID. CVSS: HIGH (7.8) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2024-45571	Use After Free in WLAN Host Communication Description: Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface. CVSS: HIGH (7.8) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2024-45569	Improper Validation of Array Index in WLAN Host Communication Description: Memory corruption while parsing the ML IE due to invalid frame content. CVSS: CRITICAL (9.8) EPSS Score: 0.08% Source: CVE February 4th, 2025 (5 months ago)
CVE-2024-45561	Use After Free in Windows WLAN Host Description: Memory corruption while handling IOCTL call from user-space to set latency level. CVSS: HIGH (7.8) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2024-45560	Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Description: Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer. CVSS: HIGH (7.8) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2024-44449	Cross Site Scripting vulnerability in Quorum onQ OS v.6.0.0.5.2064 allows a remote attacker to obtain sensitive information via the msg parameter... Description: Cross Site Scripting vulnerability in Quorum onQ OS v.6.0.0.5.2064 allows a remote attacker to obtain sensitive information via the msg parameter in the Login page. CVSS: MEDIUM (6.1) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)
CVE-2024-43333	WordPress Admin and Site Enhancements (ASE) Pro Plugin <= 7.6.2.1 - Privilege Escalation vulnerability Description: Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Privilege Escalation. This issue affects Admin and Site Enhancements (ASE) Pro: from n/a through 7.6.2.1. CVSS: HIGH (7.5) EPSS Score: 0.04% Source: CVE February 4th, 2025 (5 months ago)