CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-7344	Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path. Description: Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)
CVE-2024-57767	MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download. Description: MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)
CVE-2024-57766	MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField. Description: MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)
CVE-2024-57765	MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the s_name parameter at table/list. Description: MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the s_name parameter at table/list. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)
CVE-2024-57764	MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add. Description: MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)
CVE-2024-57763	MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField. Description: MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)
CVE-2024-57762	MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml configuration file. Description: MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml configuration file. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)
CVE-2024-57761	An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via... Description: An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafted file. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)
CVE-2024-57760	JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java. Description: JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)
CVE-2024-57757	JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava. Description: JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava. EPSS Score: 0.04% Source: CVE January 15th, 2025 (6 months ago)