Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-43462
SQL Server Native Client Remote Code Execution Vulnerability
Description: SQL Server Native Client Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.15%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43459
SQL Server Native Client Remote Code Execution Vulnerability
Description: SQL Server Native Client Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.15%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43451
NTLM Hash Disclosure Spoofing Vulnerability
Description: NTLM Hash Disclosure Spoofing Vulnerability

CVSS: MEDIUM (6.5)

EPSS Score: 1.33%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43450
Windows DNS Spoofing Vulnerability
Description: Windows DNS Spoofing Vulnerability

CVSS: HIGH (7.5)

EPSS Score: 0.13%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43449
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability

CVSS: MEDIUM (6.8)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-43447
Windows SMBv3 Server Remote Code Execution Vulnerability
Description: Windows SMBv3 Server Remote Code Execution Vulnerability

CVSS: HIGH (8.1)

EPSS Score: 0.16%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-42412
Description: Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser.

CVSS: MEDIUM (6.1)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-36248
Description: API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

CVSS: CRITICAL (9.1)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-34162
Description: The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-33605
Description: Improper processing of some parameters of installed_emanual_list.html leads to a path traversal vulnerability. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

CVSS: HIGH (7.5)

EPSS Score: 0.09%

Source: CVE
November 27th, 2024 (5 months ago)