CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-54763 |
Description: An access control issue in the component /login/hostinfo.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication.
EPSS Score: 0.04%
January 7th, 2025 (6 months ago)
|
|
CVE-2024-53936 |
Description: The com.asianmobile.callcolor (aka Color Phone Call Screen App) application through 24 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.asianmobile.callcolor.ui.component.call.CallActivity component.
EPSS Score: 0.04%
January 7th, 2025 (6 months ago)
|
|
CVE-2024-53934 |
Description: The com.windymob.callscreen.ringtone.callcolor.colorphone (aka Color Phone Call Screen Themes) application through 1.1.2 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.frovis.androidbase.call.DialerActivity component.
EPSS Score: 0.04%
January 7th, 2025 (6 months ago)
|
|
CVE-2024-53933 |
Description: The com.callerscreen.colorphone.themes.callflash (aka Color Call Theme & Call Screen) application through 1.0.7 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.android.call.color.app.activities.DialerActivity component.
EPSS Score: 0.04%
January 7th, 2025 (6 months ago)
|
|
CVE-2024-53932 |
Description: The com.remi.colorphone.callscreen.calltheme.callerscreen (aka Color Phone: Call Screen Theme) application through 21.1.9 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.remi.colorphone.callscreen.calltheme.callerscreen.dialer.DialerActivity component.
EPSS Score: 0.04%
January 7th, 2025 (6 months ago)
|
|
CVE-2024-53931 |
Description: The com.glitter.caller.screen (aka iCaller, Caller Theme & Dialer) application through 1.1 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.glitter.caller.screen.DialerActivity component.
EPSS Score: 0.04%
January 7th, 2025 (6 months ago)
|
|
CVE-2024-52616 |
Description: A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.
EPSS Score: 0.05%
January 7th, 2025 (6 months ago)
|
|
CVE-2024-52615 |
Description: A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.
EPSS Score: 0.05%
January 7th, 2025 (6 months ago)
|
|
CVE-2024-52269 |
Description: User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing.
The SaaS AI assistant ignores hidden content that is rendered after signing, misleading the user.
For reference see: CVE-2024-52276
This issue affects DocuSign: through 2024-12-04.
CVSS: HIGH (8.2) EPSS Score: 0.04%
January 7th, 2025 (6 months ago)
|
|
CVE-2024-51741 |
Description: Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
January 7th, 2025 (6 months ago)
|