Threat and Vulnerability Intelligence Database

CVE-2024-49807

Description: IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

CVSS: MEDIUM (6.4)

EPSS Score: 0.05%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-49766

Description: Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this check, and so can produce a path that is not safe, potentially allowing unintended access to data. Applications using Python >= 3.11, or not using Windows, are not vulnerable. Werkzeug version 3.0.6 contains a patch.

CVSS: MEDIUM (6.3)

EPSS Score: 0.05%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-49349

Description: IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

CVSS: MEDIUM (6.1)

EPSS Score: 0.05%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-49339

Description: IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

CVSS: MEDIUM (6.4)

EPSS Score: 0.05%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-47900

Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-47899

Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-47898

Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-47891

Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-47857

Description: SSH Communications Security PrivX versions between 18.0-36.0 implement insufficient validation on public key signatures when using native SSH connections via a proxy port. This allows an existing PrivX "account A" to impersonate another existing PrivX "account B" and gain access to SSH target hosts to which the "account B" has access.

EPSS Score: 0.04%

Source: CVE
February 1st, 2025 (5 months ago)

CVE-2024-47116

Description: IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

CVSS: MEDIUM (5.4)

EPSS Score: 0.05%

Source: CVE
February 1st, 2025 (5 months ago)