CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-11954
Pimcore Search Document cross site scripting
Description: A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. In Pimcore 11.4.2 wurde eine problematische Schwachstelle entdeckt. Es geht um eine nicht näher bekannte Funktion der Komponente Search Document. Durch das Manipulieren mit unbekannten Daten kann eine basic cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.

CVSS: MEDIUM (5.1)

EPSS Score: 0.05%

Source: CVE
January 29th, 2025 (5 months ago)

CVE-2024-11135
Eventer <= 3.9.8 - Unauthenticated SQL Injection
Description: The Eventer plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'eventer_get_attendees' function in all versions up to, and including, 3.9.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVSS: HIGH (7.5)

EPSS Score: 0.09%

Source: CVE
January 29th, 2025 (5 months ago)

CVE-2024-0446
Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
Description: A maliciously crafted STP, CATPART or MODEL file when parsed in ASMKERN228A.dll and ASMdatax229A.dll through Autodesk applications can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVSS: HIGH (7.8)

EPSS Score: 0.05%

Source: CVE
January 29th, 2025 (5 months ago)

CVE-2024-0150
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A...
Description: NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 29th, 2025 (5 months ago)

CVE-2024-0149
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of...
Description: NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.

CVSS: LOW (3.3)

EPSS Score: 0.04%

Source: CVE
January 29th, 2025 (5 months ago)

CVE-2024-0147
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of...
Description: NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering.

CVSS: MEDIUM (5.5)

EPSS Score: 0.04%

Source: CVE
January 29th, 2025 (5 months ago)

CVE-2024-0146
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful...
Description: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: CVE
January 29th, 2025 (5 months ago)

CVE-2024-0140
NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a deserialization of untrusted data issue. A successful exploit...
Description: NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a deserialization of untrusted data issue. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure.

CVSS: MEDIUM (6.8)

EPSS Score: 0.04%

Source: CVE
January 29th, 2025 (5 months ago)

CVE-2024-0137
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code...
Description: NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges.

CVSS: MEDIUM (5.5)

EPSS Score: 0.04%

Source: CVE
January 29th, 2025 (5 months ago)

CVE-2024-0136
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code...
Description: NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

CVSS: HIGH (7.6)

EPSS Score: 0.04%

Source: CVE
January 29th, 2025 (5 months ago)