CVE-2024-54006 |
Description: Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities results in the ability of an attacker to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.
CVSS: HIGH (7.2) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-53935 |
Description: The com.callos14.callscreen.colorphone (aka iCall OS17 - Color Phone Flash) application through 4.3 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.callos14.callscreen.colorphone.DialerActivity component.
EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-53800 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rezgo Rezgo allows PHP Local File Inclusion. This issue affects Rezgo: from n/a through 4.15.
CVSS: HIGH (8.1) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-53345 |
Description: An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary code via uploading a crafted file.
EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-52893 |
Description: IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
January 8th, 2025 (6 months ago)
|
CVE-2024-52891 |
Description: IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow an authenticated user to inject malicious information or obtain information from log files due to improper log neutralization.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
January 8th, 2025 (6 months ago)
|
CVE-2024-52813 |
Description: matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Versions of the matrix-sdk-crypto Rust crate before 0.8.0 lack a dedicated mechanism to notify that a user's cryptographic identity has changed from a verified to an unverified one, which could cause client applications relying on the SDK to overlook such changes. matrix-sdk-crypto 0.8.0 adds a new VerificationLevel::VerificationViolation enum variant which indicates that a previously verified identity has been changed.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-52367 |
Description: IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system information to an unauthorized actor that could be used in further attacks against the system.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
January 8th, 2025 (6 months ago)
|
CVE-2024-52366 |
Description: IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
CVSS: MEDIUM (5.9) EPSS Score: 0.09%
January 8th, 2025 (6 months ago)
|
CVE-2024-51715 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages allows Blind SQL Injection. This issue affects ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages: from n/a through 2.4.1.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|