Threat and Vulnerability Intelligence Database

CVE-2024-54499

Description: A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing a maliciously crafted image may lead to arbitrary code execution.

EPSS Score: 0.05%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2024-54497

Description: The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial-of-service.

EPSS Score: 0.08%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2024-54488

Description: A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication.

EPSS Score: 0.05%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2024-54478

Description: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process crash.

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2024-54475

Description: A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to determine a user’s current location.

EPSS Score: 0.05%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2024-54468

Description: The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to break out of its sandbox.

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2024-54146

Description: Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of host_templates.php using the graph_template parameter. This vulnerability is fixed in 1.2.29.

CVSS: HIGH (7.6)

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2024-54145

Description: Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the get_discovery_results function of automation_devices.php using the network parameter. This vulnerability is fixed in 1.2.29.

CVSS: MEDIUM (6.3)

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2024-52012

Description: Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem. This issue affects Apache Solr: from 6.6 through 9.7.0. Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.

EPSS Score: 0.04%

Source: CVE
January 28th, 2025 (5 months ago)

CVE-2024-51417

Description: An issue in System.Linq.Dynamic.Core before 1.6.0 allows remote access to properties on reflection types and static properties/fields.

EPSS Score: 0.05%

Source: CVE
January 28th, 2025 (5 months ago)