cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-49386,https://securityvulnerability.io/vulnerability/CVE-2024-49386,Acronis Cyber Files (Windows) Sensitive Information Disclosure Due to Spell-Jacking,Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.,Acronis,Acronis Cyber Files,5.7,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-10-17T09:49:45.442Z,0
CVE-2024-49389,https://securityvulnerability.io/vulnerability/CVE-2024-49389,Insecure Folder Permissions Lead to Local Privilege Escalation,"The vulnerability arises from insecure folder permissions within Acronis Cyber Files for Windows, allowing a local attacker to escalate privileges. This flaw impacts versions prior to build 9.0.0x24 and could enable unauthorized access to sensitive files or functionalities, posing significant security risks. Users are advised to review security measures and update to the latest version to mitigate the potential risks associated with this vulnerability. For further details, refer to the vendor advisory.",Acronis,Acronis Cyber Files,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-17T09:49:33.785Z,0
CVE-2024-49390,https://securityvulnerability.io/vulnerability/CVE-2024-49390,DLL Hijacking Vulnerability Affects Acronis Cyber Files (Windows),"A vulnerability has been identified in Acronis Cyber Files for Windows, which allows for local privilege escalation stemming from a DLL hijacking issue. This vulnerability allows an attacker to exploit the way the application loads dynamic link libraries, leading to potential unauthorized access to system resources. Users of Acronis Cyber Files versions prior to build 9.0.0x24 are at risk and should take necessary precautions as detailed in the vendor advisory.",Acronis,Acronis Cyber Files,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-17T09:49:16.975Z,0
CVE-2024-49391,https://securityvulnerability.io/vulnerability/CVE-2024-49391,DLL Hijacking Vulnerability Affects Acronis Cyber Files (Windows),"A local privilege escalation vulnerability has been identified in Acronis Cyber Files for Windows that may be exploited through DLL hijacking. This issue affects versions prior to build 9.0.0x24, allowing unauthorized users to elevate their privileges on the affected system. Vigilant monitoring and timely updates to the software are essential to mitigate the risk associated with this vulnerability.",Acronis,Acronis Cyber Files,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-17T09:48:58.555Z,0
CVE-2024-49392,https://securityvulnerability.io/vulnerability/CVE-2024-49392,Stored XSS Vulnerability Affects Acronis Cyber Files (Windows),Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.,Acronis,Acronis Cyber Files,4.8,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-10-17T09:48:39.748Z,0