CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-38320 |
Description: IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS: MEDIUM (5.9) EPSS Score: 0.09%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-37527 |
Description: IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-37526 |
Description: IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-3727 |
Description: A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
EPSS Score: 0.05%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-37005 |
Description: A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.07%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-37004 |
Description: A maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
CVSS: HIGH (7.8) EPSS Score: 0.19%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-37003 |
Description: A maliciously crafted DWG and SLDPRT file, when parsed in opennurbs.dll and ODXSW_DLL.dll through Autodesk applications, can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.07%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-37002 |
Description: A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
CVSS: HIGH (7.8) EPSS Score: 0.07%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-37001 |
Description: A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.07%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-37000 |
Description: A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.13%
January 28th, 2025 (5 months ago)
|