Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-35261 |
Description: Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
CVSS: HIGH (7.8) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-35256 |
Description: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-34162 |
Description: The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-33616 |
Description: Admin authentication can be bypassed with some specific invalid credentials, which allows logging in with an administrative privilege. Sharp Corporation states the telnet feature is implemented on older models only, and is planning to provide the firmware update to remove the feature. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-33610 |
Description: "sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. "sessionlist.html" provides logged-in users' session information including session cookies, and "sys_trayentryreboot.html" allows to reboot the device. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS: CRITICAL (9.1) EPSS Score: 0.09%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-33605 |
Description: Improper processing of some parameters of installed_emanual_list.html leads to a path traversal vulnerability. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS: HIGH (7.5) EPSS Score: 0.09%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-32987 |
Description: Microsoft SharePoint Server Information Disclosure Vulnerability
CVSS: HIGH (7.5) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-32732 |
Description: Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-30105 |
Description: .NET and Visual Studio Denial of Service Vulnerability
CVSS: HIGH (7.5) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-30098 |
Description: Windows Cryptographic Services Security Feature Bypass Vulnerability
CVSS: HIGH (7.5) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|