CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-21875

Description: Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial of service attack.Team Hacker Hotel Badge 2024 on risc-v (billboard modules) allows Flooding.This issue affects Hacker Hotel Badge 2024: from 0.1.0 through 0.1.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-21538

Description: Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13312

Description: Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 11.8.0 before 12.3.10, from 12.4.0 before 12.4.9.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13311

Description: Vulnerability in Drupal Allow All File Extensions for file fields.This issue affects Allow All File Extensions for file fields: *.*.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13310

Description: Vulnerability in Drupal Git Utilities for Drupal.This issue affects Git Utilities for Drupal: *.*.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13309

Description: Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13308

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Button: from 1.0.0 before 2.0.2.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13304

Description: Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request Forgery.This issue affects Minify JS: from 0.0.0 before 3.0.3.

CVSS: MEDIUM (4.5)

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13300

Description: Vulnerability in Drupal Print Anything.This issue affects Print Anything: *.*.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13299

Description: Vulnerability in Drupal Megamenu Framework.This issue affects Megamenu Framework: *.*.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)