CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-6437

Description: On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing (PBR), BGP Flowspec, or interface traffic policy -- certain IP traffic such as IPv4 packets with IP options may bypass the feature's set nexthop action and be slow-path forwarded (FIB routed) by the kernel as the packets are trapped to the CPU instead of following the redirect action's destination.

CVSS: MEDIUM (5.8)

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2024-5872

Description: On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as route flaps, multicast routes learnt, etc.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2024-57823

Description: In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path().

CVSS: CRITICAL (9.3)

EPSS Score: 0.05%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2024-57822

Description: In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().

CVSS: MEDIUM (4.0)

EPSS Score: 0.05%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2024-57687

Description: An OS Command Injection vulnerability was found in /landrecordsys/admin/dashboard.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the "Cookie" GET request parameter.

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2024-57686

Description: A Cross Site Scripting (XSS) vulnerability was found in /landrecordsys/admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the "pagetitle" parameter.

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2024-57228

Description: Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2024-57227

Description: Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2024-57226

Description: Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2024-57225

Description: Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)