Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-35272
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Description: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (5 months ago)

CVE-2024-35271
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Description: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (5 months ago)

CVE-2024-35270
Windows iSCSI Service Denial of Service Vulnerability
Description: Windows iSCSI Service Denial of Service Vulnerability

CVSS: MEDIUM (5.3)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (5 months ago)

CVE-2024-35267
Azure DevOps Server Spoofing Vulnerability
Description: Azure DevOps Server Spoofing Vulnerability

CVSS: HIGH (7.6)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (5 months ago)

CVE-2024-35266
Azure DevOps Server Spoofing Vulnerability
Description: Azure DevOps Server Spoofing Vulnerability

CVSS: HIGH (7.6)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (5 months ago)

CVE-2024-35261
Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
Description: Azure Network Watcher VM Extension Elevation of Privilege Vulnerability

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (5 months ago)

CVE-2024-35256
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Description: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
December 11th, 2024 (5 months ago)

CVE-2024-34162
The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP...
Description: The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 11th, 2024 (5 months ago)

CVE-2024-33616
Admin authentication can be bypassed with some specific invalid credentials, which allows logging in with an administrative privilege. Sharp...
Description: Admin authentication can be bypassed with some specific invalid credentials, which allows logging in with an administrative privilege. Sharp Corporation states the telnet feature is implemented on older models only, and is planning to provide the firmware update to remove the feature. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 11th, 2024 (5 months ago)

CVE-2024-33610
"sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. "sessionlist.html" provides logged-in users' session...
Description: "sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. "sessionlist.html" provides logged-in users' session information including session cookies, and "sys_trayentryreboot.html" allows to reboot the device. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

CVSS: CRITICAL (9.1)

EPSS Score: 0.09%

Source: CVE
December 11th, 2024 (5 months ago)