Threat and Vulnerability Intelligence Database

CVE-2024-43613

Description: Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability

CVSS: HIGH (7.2)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43602

Description: Azure CycleCloud Remote Code Execution Vulnerability

CVSS: CRITICAL (9.9)

EPSS Score: 0.07%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43598

Description: LightGBM Remote Code Execution Vulnerability

CVSS: HIGH (8.1)

EPSS Score: 0.16%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43530

Description: Windows Update Stack Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43499

Description: .NET and Visual Studio Denial of Service Vulnerability

CVSS: HIGH (7.5)

EPSS Score: 0.09%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43452

Description: Windows Registry Elevation of Privilege Vulnerability

CVSS: HIGH (7.5)

EPSS Score: 0.13%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-40883

Description: Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. If a user views a malicious page while logged in to the affected product with an administrative privilege, the user may be directed to perform unintended operations such as changing the login ID, login password, etc.

CVSS: MEDIUM (6.5)

EPSS Score: 0.06%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-39702

Description: In lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the string hashing function (used during string interning) allows HashDoS (Hash Denial of Service) attacks. An attacker could cause excessive resource usage during proxy operations via crafted requests, potentially leading to a denial of service with relatively few incoming requests. This vulnerability only exists in the OpenResty fork in the openresty/luajit2 GitHub repository. The LuaJIT/LuaJIT repository is unaffected.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-39607

Description: OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the affected product by a logged-in user with an administrative privilege to execute an arbitrary OS command.

CVSS: MEDIUM (6.8)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-39281

Description: The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)