CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-28786 |
Description: IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-27256 |
Description: IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-26317 |
Description: In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates, causing the algorithm to yield a result of POINT_AT_INFINITY when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an incorrect shared secret.
EPSS Score: 0.05%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-23149 |
Description: A maliciously crafted SLDDRW file, when parsed in ODXSW_DLL.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.07%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-23148 |
Description: A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-23136 |
Description: A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
CVSS: HIGH (7.8) EPSS Score: 0.05%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-23135 |
Description: A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
CVSS: HIGH (7.8) EPSS Score: 0.1%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-23133 |
Description: A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.04%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-23132 |
Description: A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.05%
January 28th, 2025 (5 months ago)
|
|
CVE-2024-23126 |
Description: A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.07%
January 28th, 2025 (5 months ago)
|