CyberAlerts

CVE-2024-39607

Description: OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the affected product by a logged-in user with an administrative privilege to execute an arbitrary OS command.

CVSS: MEDIUM (6.8)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (5 months ago)

CVE-2024-39281

Unbounded allocation in ctl(4) CAM Target Layer

Description: The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (5 months ago)

CVE-2024-38834

Stored cross-site scripting vulnerability (CVE-2024-38834)

Description: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (5 months ago)

CVE-2024-38833

Stored cross-site scripting vulnerability (CVE-2024-38833)

Description: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

CVSS: MEDIUM (6.8)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (5 months ago)

CVE-2024-38832

Stored cross-site scripting vulnerability (CVE-2024-38832)

Description: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (5 months ago)

CVE-2024-38831

Local privilege escalation vulnerability (CVE-2024-38831)

Description: VMware Aria Operations contains a local privilege escalation vulnerability.  A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to  a root user on the appliance running VMware Aria Operations.

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (5 months ago)

CVE-2024-38830

Local privilege escalation vulnerability

Description: VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: CVE

November 27th, 2024 (5 months ago)

CVE-2024-38264

Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability

Description: Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability

CVSS: MEDIUM (5.9)

EPSS Score: 0.07%

Source: CVE

November 27th, 2024 (5 months ago)

CVE-2024-38255

SQL Server Native Client Remote Code Execution Vulnerability

Description: SQL Server Native Client Remote Code Execution Vulnerability

CVSS: HIGH (8.8)

EPSS Score: 0.15%

Source: CVE

November 27th, 2024 (5 months ago)

CVE-2024-38203

Windows Package Library Manager Information Disclosure Vulnerability

Description: Windows Package Library Manager Information Disclosure Vulnerability

CVSS: MEDIUM (6.2)

EPSS Score: 0.05%

Source: CVE

November 27th, 2024 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches: