CVE-2024-40749 |
Description: Improper Access Controls allows access to protected views.
EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-40748 |
Description: Lack of output escaping in the id attribute of menu lists.
EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-40747 |
Description: Various module chromes didn't properly process inputs, leading to XSS vectors.
EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-40702 |
Description: IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validation.
CVSS: HIGH (8.2) EPSS Score: 0.09%
January 8th, 2025 (6 months ago)
|
CVE-2024-40427 |
Description: Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute
EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-39532 |
Description: An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information.
When another user performs a specific operation, sensitive information is stored as plain text in a specific log file, so that a high-privileged attacker has access to this information.
This issue affects:
Junos OS:
* All versions before 21.2R3-S9;
* 21.4 versions before 21.4R3-S9;
* 22.2 versions before 22.2R2-S1, 22.2R3;
* 22.3 versions before 22.3R1-S1, 22.3R2;
Junos OS Evolved:
* All versions before 22.1R3-EVO;
* 22.2-EVO versions before 22.2R2-S1-EVO, 22.2R3-EVO;
* 22.3-EVO versions before 22.3R1-S1-EVO, 22.3R2-EVO.
CVSS: MEDIUM (6.3) EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-35532 |
Description: An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running process, make SSRF requests, or cause a Denial of Service (DoS) via unspecified vectors.
EPSS Score: 0.04%
January 8th, 2025 (6 months ago)
|
CVE-2024-28778 |
Description: IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 are vulnerable to exposure of Artifactory API keys. This vulnerability allows users to publish code to private packages or repositories under the name of the organization.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
January 8th, 2025 (6 months ago)
|
CVE-2024-25037 |
Description: IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser.
CVSS: MEDIUM (4.3) EPSS Score: 0.05%
January 8th, 2025 (6 months ago)
|
CVE-2024-12849 |
Description: The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wp_ajax_nopriv_elvwp_log_download AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
CVSS: HIGH (7.5) EPSS Score: 0.53%
January 8th, 2025 (6 months ago)
|