Vulnerebility Vulnerebility Calendar Top 40 in years Top Vulnerebility List of Attack EVCatalog
| DATE | NAME |
CATEGORY |
SUB | |
|
19.3.25 |
CVE-2025-20061 |
VULNEREBILITY |
An operating system command injection vulnerability that could permit an attacker to execute arbitrary commands on the affected system via specially crafted POST requests containing an email parameter | |
|
19.3.25 |
CVE-2025-20014 |
VULNEREBILITY |
An operating system command injection vulnerability that could permit an attacker to execute arbitrary commands on the affected system via specially crafted POST requests containing a version parameter | |
|
19.3.25 |
CVE-2025-30066 |
VULNEREBILITY |
tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.) | |
|
19.3.25 |
CVE-2024-54085 |
VULNEREBILITY |
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | |
|
18.3.25 |
CVE-2025-24813 |
VULNEREBILITY |
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. | |
|
17.3.25 |
CVE-2025-1316 |
VULNEREBILITY |
Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device | |
|
17.3.25 |
CVE-2025-30066 |
VULNEREBILITY |
tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.) | |
|
16.3.25 |
CVE-2025-20115 |
VULNEREBILITY |
A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | |
|
16.3.25 |
CVE-2025-21590 |
VULNEREBILITY |
An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. | |
| 13.3.25 | CVE-2025-25292 |
VULNEREBILITY |
Ruby SAML allows a SAML authentication bypass due to namespace handling (parser differential) | |
| 13.3.25 | CVE-2025-25291 |
VULNEREBILITY |
Ruby SAML allows a SAML authentication bypass due to DOCTYPE handling (parser differential) | |
| 13.3.25 | CVE-2025-27363 |
VULNEREBILITY |
n out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. | |
| 12.3.25 | CVE-2017-0929 |
VULNEREBILITY |
(CVSS score: 7.5) - DotNetNuke | |
| 12.3.25 | CVE-2020-7796 |
VULNEREBILITY |
(CVSS score: 9.8) - Zimbra Collaboration Suite | |
| 12.3.25 | CVE-2021-21973 |
VULNEREBILITY |
(CVSS score: 5.3) - VMware vCenter | |
| 12.3.25 | CVE-2021-22054 |
VULNEREBILITY |
(CVSS score: 7.5) - VMware Workspace ONE UEM | |
| 12.3.25 | CVE-2021-22175 |
VULNEREBILITY |
(CVSS score: 9.8) - GitLab CE/EE | |
| 12.3.25 | CVE-2021-22214 |
VULNEREBILITY |
CVSS score: 8.6) - GitLab CE/EE | |
| 12.3.25 | CVE-2021-39935 |
VULNEREBILITY |
(CVSS score: 7.5) - GitLab CE/EE | |
| 12.3.25 | CVE-2023-5830 |
VULNEREBILITY |
(CVSS score: 9.8) - ColumbiaSoft DocumentLocator | |
| 12.3.25 | CVE-2024-6587 |
VULNEREBILITY |
(CVSS score: 7.5) - BerriAI LiteLLM | |
| 12.3.25 | CVE-2024-21893 |
VULNEREBILITY |
(CVSS score: 8.2) - Ivanti Connect Secure | |
| 12.3.25 | CVE-2025-24983 |
VULNEREBILITY |
(CVSS score: 7.0) - A Windows Win32 Kernel Subsystem use-after-free (UAF) vulnerability that allows an authorized attacker to elevate privileges locally | |
| 12.3.25 | CVE-2025-24984 |
VULNEREBILITY |
(CVSS score: 4.6) - A Windows NTFS information disclosure vulnerability that allows an attacker with physical access to a target device and the ability to plug in a malicious USB drive to potentially read portions of heap memory | |
| 12.3.25 | CVE-2025-24985 |
VULNEREBILITY |
(CVSS score: 7.8) - An integer overflow vulnerability in Windows Fast FAT File System Driver that allows an unauthorized attacker to execute code locally |
|
| 12.3.25 | CVE-2025-24991 |
VULNEREBILITY |
(CVSS score: 5.5) - An out-of-bounds read vulnerability in Windows NTFS that allows an authorized attacker to disclose information locally | |
| 12.3.25 | CVE-2025-24993 |
VULNEREBILITY |
(CVSS score: 7.8) - A heap-based buffer overflow vulnerability in Windows NTFS that allows an unauthorized attacker to execute code locally | |
| 12.3.25 | CVE-2025-26633 |
VULNEREBILITY |
(CVSS score: 7.0) - An improper neutralization vulnerability in Microsoft Management Console that allows an unauthorized attacker to bypass a security feature locally | |
| 12.3.25 | Apple security releases | VULNEREBILITY | Update | This document lists security updates and Rapid Security Responses for Apple software. |
| 11.3.25 | CVE-2024-57968 |
VULNEREBILITY |
An unrestricted file upload vulnerability in Advantive VeraCore that allows a remote unauthenticated attacker to upload files to unintended folders via upload.apsx | |
| 11.3.25 | CVE-2025-25181 |
VULNEREBILITY |
An SQL injection vulnerability in Advantive VeraCore that allows a remote attacker to execute arbitrary SQL commands | |
| 11.3.25 | CVE-2024-13159 |
VULNEREBILITY |
An absolute path traversal vulnerability in Ivanti EPM that allows a remote unauthenticated attacker to leak sensitive information | |
| 11.3.25 | CVE-2024-13160 |
VULNEREBILITY |
An absolute path traversal vulnerability in Ivanti EPM that allows a remote unauthenticated attacker to leak sensitive information | |
| 11.3.25 | CVE-2024-13161 |
VULNEREBILITY |
An absolute path traversal vulnerability in Ivanti EPM that allows a remote unauthenticated attacker to leak sensitive information | |
| 11.3.25 | CVE-2024-12297 |
VULNEREBILITY |
Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. | |
| 9.3.25 | CVE-2025-27840 |
VULNEREBILITY |
Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory). | |
| 9.3.25 | CVE-2025-1316 |
VULNEREBILITY |
Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device | |
| 7.3.25 | CVE-2024-4577 |
VULNEREBILITY |
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions | |
| 7.3.25 | CVE-2025-25012 |
VULNEREBILITY |
Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. In Kibana versions >= 8.15.0 and < 8.17.1, this is exploitable by users with the Viewer role | |
| 5.3.25 | CVE-2025-22224 |
VULNEREBILITY |
(CVSS score: 9.3) - A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with local administrative privileges on a virtual machine could exploit to execute code as the virtual machine's VMX process running on the host | |
| 5.3.25 | CVE-2025-22225 |
VULNEREBILITY |
(CVSS score: 8.2) - An arbitrary write vulnerability that a malicious actor with privileges within the VMX process could exploit to result in a sandbox escape | |
| 5.3.25 | CVE-2025-22226 |
VULNEREBILITY |
(CVSS score: 7.1) - An information disclosure vulnerability due to an out-of-bounds read in HGFS that a malicious actor with administrative privileges to a virtual machine could exploit to leak memory from the vmx process | |
| 4.3.25 | CVE-2023-20118 |
VULNEREBILITY |
(CVSS score: 6.5) - A command injection vulnerability in the web-based management interface of Cisco Small Business RV Series routers that allows an authenticated, remote attacker to gain root-level privileges and access unauthorized data (Unpatched due to the routers reaching end-of-life status) | |
| 4.3.25 | CVE-2022-43939 |
VULNEREBILITY |
(CVSS score: 8.6) - An authorization bypass vulnerability in Hitachi Vantara Pentaho BA Server that stems from the use of non-canonical URL paths for authorization decisions (Fixed in August 2024 with versions 9.3.0.2 and 9.4.0.1) | |
| 4.3.25 | CVE-2022-43769 |
VULNEREBILITY |
(CVSS score: 7.8) - An improper resource shutdown or release vulnerability in Microsoft Windows Win32k that allows for local, authenticated privilege escalation, and running arbitrary code in kernel mode (Fixed in December 2018) | |
| 4.3.25 | CVE-2018-8639 |
VULNEREBILITY |
(CVSS score: 7.8) - An improper resource shutdown or release vulnerability in Microsoft Windows Win32k that allows for local, authenticated privilege escalation, and running arbitrary code in kernel mode (Fixed in December 2018) | |
| 4.3.25 | CVE-2024-4885 |
VULNEREBILITY |
(CVSS score: 9.8) - A path traversal vulnerability in Progress WhatsUp Gold that allows an unauthenticated attacker to achieve remote code execution (Fixed in version 2023.1.3 in June 2024) | |
| 4.3.25 | CVE-2024-43093 |
VULNEREBILITY |
A privilege escalation flaw in the Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories, and their respective sub-directories. | |
| 4.3.25 | CVE-2024-50302 |
VULNEREBILITY |
A privilege escalation flaw in the HID USB component of the Linux kernel that could lead to a leak of uninitialized kernel memory to a local attacker through specially crafted HID reports. | |
| 4.3.25 | CVE-2025-0285 |
VULNEREBILITY |
An arbitrary kernel memory mapping vulnerability in version 7.9.1 caused by a failure to validate user-supplied data lengths. Attackers can exploit this flaw to escalate privileges. | |
| 4.3.25 | CVE-2025-0286 |
VULNEREBILITY |
An arbitrary kernel memory write vulnerability in version 7.9.1 due to improper validation of user-supplied data lengths. This flaw can allow attackers to execute arbitrary code on the victim's machine. | |
| 4.3.25 | CVE-2025-0287 |
VULNEREBILITY |
A null pointer dereference vulnerability in version 7.9.1 caused by the absence of a valid MasterLrp structure in the input buffer. This allows an attacker to execute arbitrary kernel code, enabling privilege escalation. | |
| 4.3.25 | CVE-2025-0288 |
VULNEREBILITY |
An arbitrary kernel memory vulnerability in version 7.9.1 caused by the memmove function, which fails to sanitize user-controlled input. This allows an attacker to write arbitrary kernel memory and achieve privilege escalation. |
|
| 4.3.25 | CVE-2025-0289 |
VULNEREBILITY |
An insecure kernel resource access vulnerability in version 17 caused by failure to validate the MappedSystemVa pointer before passing it to HalReturnToFirmware. This allows attackers to compromise the affected service. | |
| 1.3.25 | CVE-2024-53197 |
VULNEREBILITY |
(CVSS score: N/A) - An out-of-bounds access vulnerability for Extigy and Mbox devices | |
| 1.3.25 | CVE-2024-50302 |
VULNEREBILITY |
(CVSS score: 5.5) - A use of an uninitialized resource vulnerability that could be used to leak kernel memory | |
| 26.2.25 | CVE-2023-34192 |
VULNEREBILITY |
(CVSS score: 9.0) - A cross-site scripting (XSS) vulnerability in Synacor ZCS that allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function. (Fixed in July 2023 with version 8.8.15 Patch 40) | |
| 26.2.25 | CVE-2024-49035 |
VULNEREBILITY |
(CVSS score: 8.7) - An improper access control vulnerability in Microsoft Partner Center that allows an attacker to escalate privileges. (Fixed in November 2024) | |
| 22.2.25 | CVE-2025-26465 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 6.8) - The OpenSSH client contains a logic error between versions 6.8p1 to 9.9p1 (inclusive) that makes it vulnerable to an active MitM attack if the VerifyHostKeyDNS option is enabled, allowing a malicious interloper to impersonate a legitimate server when a client attempts to connect to it (Introduced in December 2014) |
| 22.2.25 | CVE-2025-26465 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 5.9) - The OpenSSH client and server are vulnerable to a pre-authentication DoS attack between versions 9.5p1 to 9.9p1 (inclusive) that causes memory and CPU consumption (Introduced in August 2023) |
| 22.2.25 | CVE-2025-0108 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.8) - An authentication bypass vulnerability in the Palo Alto Networks PAN-OS management web interface that allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts |
| 22.2.25 | CVE-2024-53704 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.2) - An improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication |
| 22.2.25 | CVE-2018-0171 | VULNEREBILITY | VULNEREBILITY | A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. |
| 22.2.25 | CVE-2024-24919 | VULNEREBILITY | VULNEREBILITY | Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. |
| 22.2.25 | CVE-2025-23209 | VULNEREBILITY | VULNEREBILITY | Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. This is an remote code execution (RCE) vulnerability that affects Craft 4 and 5 installs where your security key has already been compromised. |
| 20.2.25 | CVE-2024-12284 | VULNEREBILITY | VULNEREBILITY | Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. |
| 20.2.25 | CVE-2025-21355 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.6) - Microsoft Bing Remote Code Execution Vulnerability |
| 20.2.25 | CVE-2025-24989 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.2) - Microsoft Power Pages Elevation of Privilege Vulnerability |
| 18.2.25 | CVE-2025-21589 | VULNEREBILITY | VULNEREBILITY | CVE-2025-21589 |
| 18.2.25 | CVE-2024-12510 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 6.7) - Pass-back attack via LDAP |
| 18.2.25 | CVE-2024-12511 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.6) - Pass-back attack via user's address book |
| 15.2.25 | CVE-2025-1094 | VULNEREBILITY | VULNEREBILITY | Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. |
| 15.2.25 | CVE-2025-0108 | VULNEREBILITY | VULNEREBILITY | CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface |
| 10.2.25 | CVE-2025-23359 | VULNEREBILITY | VULNEREBILITY | NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. |
| 10.2.25 | CVE-2025-21391 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.1) - Windows Storage Elevation of Privilege Vulnerability |
| 10.2.25 | CVE-2025-21418 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.8) - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| 10.2.25 | CVE-2024-38657 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.1) - External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write arbitrary files |
| 10.2.25 | CVE-2025-22467 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.9) - A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution |
| 10.2.25 | CVE-2024-10644 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.1) - Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution |
| 10.2.25 | CVE-2024-47908 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.1) - Operating system command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution |
| 10.2.25 | CVE-2024-56131 | VULNEREBILITY | VULNEREBILITY | (CVSS scores: 8.4) - A set of improper input validation vulnerabilities that allows remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate to execute arbitrary system commands via a carefully crafted HTTP request |
| 10.2.25 | CVE-2024-56132 | VULNEREBILITY | VULNEREBILITY | (CVSS scores: 8.4) - A set of improper input validation vulnerabilities that allows remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate to execute arbitrary system commands via a carefully crafted HTTP request |
| 10.2.25 | CVE-2024-56133 | VULNEREBILITY | VULNEREBILITY | (CVSS scores: 8.4) - A set of improper input validation vulnerabilities that allows remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate to execute arbitrary system commands via a carefully crafted HTTP request |
| 10.2.25 | CVE-2024-56135 | VULNEREBILITY | VULNEREBILITY | (CVSS scores: 8.4) - A set of improper input validation vulnerabilities that allows remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate to execute arbitrary system commands via a carefully crafted HTTP request |
| 10.2.25 | CVE-2024-56134 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.4) - An improper input validation vulnerability that allows remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate to download the content of any file on the system via a carefully crafted HTTP request |
| 10.2.25 | CVE-2025-24200 | VULNEREBILITY | VULNEREBILITY | An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. |
| 10.2.25 | CVE-2025-25064 | VULNEREBILITY | VULNEREBILITY | SQL injection vulnerability in the ZimbraSync Service SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4 due to insufficient sanitization of a user-supplied parameter. |
| 10.2.25 | CVE-2024-57968 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.9) - An unrestricted upload of files with a dangerous type vulnerability that allows remote authenticated users to upload files to unintended folders (Fixed in VeraCore version 2024.4.2.1) |
| 10.2.25 | CVE-2025-25181 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 5.8) - An SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands (No patch available) |
| 5.2.25 | Trimble Cityworks | VULNEREBILITY | ICS | Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server. |
| 5.2.25 | CVE-2025-20124 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.9) - An insecure Java deserialization vulnerability in an API of Cisco ISE that could permit an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. |
| 5.2.25 | CVE-2025-20125 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.1) - An authorization bypass vulnerability in an API of Cisco ISE could could permit an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node |
| 5.2.25 | CVE-2025-23114 | VULNEREBILITY | VULNEREBILITY | A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute arbitrary code on the affected appliance server with root-level permissions. |
| 5.2.25 | CVE-2025-0411 | VULNEREBILITY | VULNEREBILITY | 7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. |
| 5.2.25 | CVE-2024-45195 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.5/9.8) - A forced browsing vulnerability in Apache OFBiz that allows a remote attacker to obtain unauthorized access and execute arbitrary code on the server (Fixed in September 2024) |
| 5.2.25 | CVE-2024-29059 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.5) - An information disclosure vulnerability in Microsoft .NET Framework that could expose the ObjRef URI and lead to remote code execution (Fixed in March 2024) |
| 5.2.25 | CVE-2018-9276 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.2) - An operating system command injection vulnerability in Paessler PRTG Network Monitor that allows an attacker with administrative privileges to execute commands via the PRTG System Administrator web console (Fixed in April 2018) |
| 5.2.25 | CVE-2018-19410 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.8) - A local file inclusion vulnerability in Paessler PRTG Network Monitor that allows a remote, unauthenticated attacker to create users with read-write privileges (Fixed in April 2018) |
| 5.2.25 | CVE-2024-56161 | VULNEREBILITY | VULNEREBILITY | Loss of the SEV-based protection of a confidential guest. |
| 5.2.25 | CVE-2025-21396 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.5) - Microsoft Account Elevation of Privilege Vulnerability |
| 5.2.25 | CVE-2025-21415 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.9) - Azure AI Face Service Elevation of Privilege Vulnerability |
| 5.2.25 | CVE-2024-53104 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC) driver. |
| 5.2.25 | CVE-2025-0626 | VULNEREBILITY | VULNEREBILITY | Contec Health CMS8000 Patient Monitor sends out remote access requests to a hard-coded IP address, bypassing existing device network settings to do so. This could serve as a backdoor and lead to a malicious actor being able to upload and overwrite files on the device. |
| 5.2.25 | CVE-2024-12248 | VULNEREBILITY | VULNEREBILITY | (CVSS v4 score: 9.3) - An out-of-bounds write vulnerability that could allow an attacker to send specially formatted UDP requests in order to write arbitrary data, resulting in remote code execution |
| 5.2.25 | CVE-2025-0683 | VULNEREBILITY | VULNEREBILITY | (CVSS v4 score: 8.2) - A privacy leakage vulnerability that causes plain-text patient data to be transmitted to a hard-coded public IP address when the patient is attached to the monitor |
| 5.2.25 | CVE-2025-0626 | VULNEREBILITY | VULNEREBILITY | Contec Health CMS8000 Patient Monitor sends out remote access requests to a hard-coded IP address, bypassing existing device network settings to do so. This could serve as a backdoor and lead to a malicious actor being able to upload and overwrite files on the device. |
| 5.2.25 | CVE-2024-12248 | VULNEREBILITY | VULNEREBILITY | (CVSS v4 score: 9.3) - An out-of-bounds write vulnerability that could allow an attacker to send specially formatted UDP requests in order to write arbitrary data, resulting in remote code execution |
| 5.2.25 | CVE-2025-0683 | VULNEREBILITY | VULNEREBILITY | (CVSS v4 score: 8.2) - A privacy leakage vulnerability that causes plain-text patient data to be transmitted to a hard-coded public IP address when the patient is attached to the monitor |
| 28.1.25 | CVE-2024-50050 | VULNEREBILITY | VULNEREBILITY | Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution. Socket communication has been changed to use JSON instead. |
| 28.1.25 | CVE-2025-22218 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.5) - A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs |
| 28.1.25 | CVE-2025-22219 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 6.8) - A malicious actor with non-administrative privileges may be able to inject a malicious script that may lead to arbitrary operations as admin user via a stored cross-site scripting (XSS) attack |
| 28.1.25 | CVE-2025-22220 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 4.3) - A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user |
| 28.1.25 | CVE-2025-22221 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 5.2) - A malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim's browser when performing a delete action in the Agent Configuration |
| 28.1.25 | CVE-2025-22222 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.7) - A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known |
| 28.1.25 | Noma Research discovers RCE vulnerability in AI | VULNEREBILITY | AI | Noma Research discovers RCE vulnerability in AI-development platform, Lightning AI |
| 28.1.25 | CVE-2024-55417 | VULNEREBILITY | VULNEREBILITY | An arbitrary file write vulnerability in the "/admin/media/upload" endpoint |
| 28.1.25 | CVE-2024-55416 | VULNEREBILITY | VULNEREBILITY | A reflected cross-site scripting (XSS) vulnerability in the "/admin/compass" endpoint |
| 28.1.25 | CVE-2024-55415 | VULNEREBILITY | VULNEREBILITY | An arbitrary file leak and deletion vulnerability |
| 28.1.25 | CVE-2024-41710 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 6.8), a case of command injection in the boot process that could allow a malicious actor to execute arbitrary commands within the context of the phone. |
| 27.1.25 | CVE-2025-23040 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 6.6) - Maliciously crafted remote URLs could lead to credential leaks in GitHub Desktop |
| 27.1.25 | CVE-2024-50338 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.4) - Carriage-return character in remote URL allows the malicious repository to leak credentials in Git Credential Manager |
| 27.1.25 | CVE-2024-53263 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.5) - Git LFS permits retrieval of credentials via crafted HTTP URLs |
| 27.1.25 | CVE-2024-53858 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 6.5) - Recursive repository cloning in GitHub CLI can leak authentication tokens to non-GitHub submodule hosts |
| 25.1.25 | CVE-2025-22604 | VULNEREBILITY | VULNEREBILITY | Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. |
| 25.1.25 | CVE-2024-40891 | VULNEREBILITY | VULNEREBILITY | Active Exploitation of Zero-day Zyxel CPE Vulnerability (CVE-2024-40891) |
| 25.1.25 | CVE-2024-40890 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.8) - A post-authentication command injection vulnerability in the CGI program that could allow an authenticated attacker to execute operating system (OS) commands on an affected device by sending a crafted HTTP POST request |
| 25.1.25 | CVE-2024-40891 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.8) - A post-authentication command injection vulnerability in the management commands component that could allow an authenticated attacker to execute OS commands on an affected device via Telnet |
| 25.1.25 | CVE-2025-0890 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.8) - The use of insecure default credentials for the Telnet function that could allow an attacker to log in to the management interface |
| 25.1.25 | CVE-2025-24085 | VULNEREBILITY | VULNEREBILITY | A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2. |
|
16.1.25 | CVE-2024-7344 | VULNEREBILITY | VULNEREBILITY | Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344 |
|
16.1.25 | NTLMv1 | VULNEREBILITY | VULNEREBILITY | If you think you blocked NTLMv1 in your org, think again |
|
16.1.25 | SAP Security Patch Day – January 2025 | VULNEREBILITY | VULNEREBILITY | This post shares information on Security Notes that remediate vulnerabilities discovered in SAP products. SAP strongly recommends that the customer visits the Support Portal and applies patches on priority to protect their SAP landscape. |
|
16.1.25 | Rsync contains six vulnerabilities | VULNEREBILITY | VULNEREBILITY | Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. |
|
16.1.25 | CVE-2025-21311 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.8) - Windows NTLM V1 Elevation of Privilege Vulnerability |
|
16.1.25 | CVE-2025-21307 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.8) - Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
|
16.1.25 | CVE-2025-21298 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.8) - Windows Object Linking and Embedding (OLE) Remote Code Execution Vulnerability |
|
16.1.25 | CVE-2025-21295 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.1) - SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability |
|
16.1.25 | CVE-2025-21294 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.1) - Microsoft Digest Authentication Remote Code Execution Vulnerability |
|
16.1.25 | CVE-2025-21308 | VULNEREBILITY | VULNEREBILITY | Windows Themes Spoofing Vulnerability |
|
16.1.25 | CVE-2025-21275 | VULNEREBILITY | VULNEREBILITY | Windows App Package Installer Elevation of Privilege Vulnerability |
|
16.1.25 | CVE-2025-21395 | VULNEREBILITY | VULNEREBILITY | Microsoft Access Remote Code Execution Vulnerability |
|
16.1.25 | CVE-2025-21366 | VULNEREBILITY | VULNEREBILITY | Microsoft Access Remote Code Execution Vulnerability |
|
16.1.25 | CVE-2025-21186 | VULNEREBILITY | VULNEREBILITY | Microsoft Access Remote Code Execution Vulnerability |
|
16.1.25 | CVE-2024-57726 | VULNEREBILITY | VULNEREBILITY | A privilege escalation vulnerability that allows an attacker who gains access as a low-privilege technician to elevate their privileges to an admin by taking advantage of missing backend authorization checks |
|
16.1.25 | CVE-2024-57728 | VULNEREBILITY | VULNEREBILITY | An arbitrary file upload vulnerability that allows an attacker with SimpleHelpAdmin privileges (or as a technician with admin privileges) to upload arbitrary files anywhere on the SimpleServer host, potentially leading to remote code execution |
|
16.1.25 | CVE-2024-57727 | VULNEREBILITY | VULNEREBILITY | An unauthenticated path traversal vulnerability that allows an attacker to download arbitrary files from the SimpleHelp server, including the serverconfig.xml file that contains hashed passwords for the SimpleHelpAdmin account and other local technician accounts |
|
14.1.25 | Millions of Accounts Vulnerable due to Google’s OAuth Flaw | VULNEREBILITY | VULNEREBILITY | Millions of Americans can have their data stolen right now because of a deficiency in Google’s “Sign in with Google” authentication flow. If you’ve worked for a startup in the past - especially one that has since shut down - you might be vulnerable. |
|
14.1.25 | CVE-2024-55591 | VULNEREBILITY | VULNEREBILITY | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module. |
|
14.1.25 | CVE-2024-44243 | VULNEREBILITY | VULNEREBILITY | A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2. An app may be able to modify protected parts of the file system. |
|
14.1.25 | CVE-2024-12686 | VULNEREBILITY | VULNEREBILITY | A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user. |
|
14.1.25 | CVE-2024-50603 | VULNEREBILITY | VULNEREBILITY | An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. |
|
10.1.25 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 2.3) - An operating system (OS) command injection vulnerability that enables an authenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software | |
|
10.1.25 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 2.7) - A wildcard expansion vulnerability that allows an unauthenticated attacker to enumerate files on the host file system | |
|
10.1.25 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 2.7) - An arbitrary file deletion vulnerability that enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host file system | |
|
10.1.25 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 4.7) - A reflected cross-site scripting (XSS) vulnerability that enables attackers to execute malicious JavaScript code in the context of an authenticated user's browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to browser-session theft | |
|
10.1.25 | CVE-2025-0103 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 7.8) - An SQL injection vulnerability that enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys, as well as create and read arbitrary files |
|
10.1.25 | CVE-2024-49415 | VULNEREBILITY | VULNEREBILITY | Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code. |
|
10.1.25 | CVE-2024-52875 | VULNEREBILITY | VULNEREBILITY | refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could then lead to a cross-site scripting (XSS) flaw. |
|
10.1.25 | CVE-2025-0283 | VULNEREBILITY | VULNEREBILITY | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges. |
|
10.1.25 | CVE-2025-0282 | VULNEREBILITY | VULNEREBILITY | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution. |
|
10.1.25 | DNA Sequencer's Vulnerable BIOS | VULNEREBILITY | VULNEREBILITY | Genetic Engineering Meets Reverse Engineering: DNA Sequencer's Vulnerable BIOS |
|
10.1.25 | CVE-2024-41713 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.1) - A path traversal vulnerability in Mitel MiCollab that could allow an attacker to gain unauthorized and unauthenticated access |
|
10.1.25 | CVE-2024-55550 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 4.4) - A path traversal vulnerability in Mitel MiCollab that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization |
|
10.1.25 | CVE-2020-2883 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.8) - A security vulnerability in Oracle WebLogic Server that could be exploited by an unauthenticated attacker with network access via IIOP or T3 |
|
2.1.25 | Microsoft 365 Vulnerability | VULNEREBILITY | VULNEREBILITY | Discovery to Resolution: A Critical Microsoft 365 Vulnerability |
|
31.12.24 | CVE-2024-12686 | VULNEREBILITY | VULNEREBILITY | A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user. |
|
31.12.24 | CVE-2024-12356 | VULNEREBILITY | VULNEREBILITY | A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. |
|
31.12.24 | Dirty DAG | VULNEREBILITY | VULNEREBILITY | Dirty DAG: New Vulnerabilities in Azure Data Factory’s Apache Airflow Integration |
|
28.12.24 | CVE-2024-12856 | VULNEREBILITY | VULNEREBILITY | The Four-Faith router models F3x24 and F3x36 are affected by an operating system (OS) command injection vulnerability. |
|
28.12.24 | CVE-2024-3393 | VULNEREBILITY | VULNEREBILITY | CVE-2024-3393 PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet |
|
28.12.24 | CVE-2024-52046 | VULNEREBILITY | VULNEREBILITY | The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses. |
|
26.12.24 | CVE-2024-47146 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffing the RAW WIFI signal. |
|
26.12.24 | CVE-2024-52324 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands. |
|
26.12.24 | CVE-2024-48874 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud metadata services. |
|
26.12.24 | CVE-2024-46874 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud. |
|
26.12.24 | CVE-2024-47791 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices. |
|
26.12.24 | CVE-2024-45722 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials. |
|
26.12.24 | CVE-2024-47043 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address. |
|
26.12.24 | CVE-2024-51727 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could enable attackers to invalidate a legitimate user's session and cause a denial-of-service attack on a user's account. |
|
26.12.24 | CVE-2024-42494 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could enable sub accounts or attackers to view and exfiltrate sensitive information from all cloud accounts registered to Ruijie's services |
|
26.12.24 | CVE-2024-47547 | VULNEREBILITY | VULNEREBILITY | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for its users to change their passwords which leaves authentication vulnerable to brute force attacks. |
|
26.12.24 | CVE-2024-45387 | VULNEREBILITY | VULNEREBILITY | An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request. |
|
26.12.24 | CVE-2021-44207 | VULNEREBILITY | VULNEREBILITY | Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. |
|
26.12.24 | CVE-2024-50379 | VULNEREBILITY | VULNEREBILITY | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). |
|
26.12.24 | CVE-2024-56337 | VULNEREBILITY | VULNEREBILITY | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. |
| 21.12.24 | CVE-2023-48788 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability |
| 21.12.24 | CVE-2021-44529 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.8) - Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability |
| 21.12.24 | CVE-2019-7256 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 10.0) - Nice Linear eMerge E3-Series OS Command Injection Vulnerability |
| 21.12.24 | CVE-2024-12356 | VULNEREBILITY | VULNEREBILITY | BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability |
| 21.12.24 | CVE-2024-12727 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.8) - A pre-auth SQL injection vulnerability in the email protection feature that could lead to remote code execution, if a specific configuration of Secure PDF eXchange (SPX) is enabled in combination with the firewall running in High Availability (HA) mode. |
| 21.12.24 | CVE-2024-12728 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 9.8) - A weak credentials vulnerability arising from a suggested and non-random SSH login passphrase for High Availability (HA) cluster initialization that remains active even after the HA establishment process completed, thereby exposing an account with privileged access if SSH is enabled. |
| 21.12.24 | CVE-2024-12729 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.8) - A post-auth code injection vulnerability in the User Portal that allows authenticated users to gain remote code execution. |
| 21.12.24 | CVE-2023-48782 | VULNEREBILITY | VULNEREBILITY | (CVSS score: 8.8), an authenticated command injection flaw that has also been fixed in FortiWLM 8.6.6, to obtain remote code execution in the context of root. |
| 21.12.24 | CVE-2023-34990 | VULNEREBILITY | VULNEREBILITY | [FortiWLM] Unauthenticated limited file read vulnerability |
| 18.12.24 | CVE-2024-53677 | VULNEREBILITY | VULNEREBILITY | File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. |
| 18.12.24 | CVE-2024-12356 | VULNEREBILITY | VULNEREBILITY | A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. |
| 17.12.2024 | CVE-2024-20767 | VULNEREBILITY | CVE | (CVSS score: 7.4) - Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted files via an internet-exposed admin panel (Patched by Adobe in March 2024) |
| 17.12.2024 | CVE-2024-35250 | VULNEREBILITY | CVE | (CVSS score: 7.8) - Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attacker to escalate privileges (Patched by Microsoft in June 2024) |
| 13.12.2024 | CVE-2024-54143 | VULNEREBILITY | CVE | openwrt/asu is an image on demand server for OpenWrt based distributions. The request hashing mechanism truncates SHA-256 hashes to only 12 characters. |
| 12.12.2024 | CVE-2024-44131 | VULNEREBILITY | CVE | Unauthorized access to iCloud: analyzing an iOS vulnerability that could expose sensitive data to attackers |
| 12.12.2024 | CVE-2024-11972 | VULNEREBILITY | CVE | Unauthorized Plugin Installation/Activation in Hunk Companion |
| 11.12.2024 | Microsoft Azure MFA Bypass | VULNEREBILITY | CVE | Oasis Security Research Team Discovers Microsoft Azure MFA Bypass |
| 11.12.2024 | CVE-2024-11639 | VULNEREBILITY | CVE | (CVSS score: 10.0) - An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote unauthenticated attacker to gain administrative access |
| 11.12.2024 | CVE-2024-11772 | VULNEREBILITY | CVE | (CVSS score: 9.1) - A command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.3 that allows a remote authenticated attacker with admin privileges to achieve remote code execution |
| 11.12.2024 | CVE-2024-11773 | VULNEREBILITY | CVE | (CVSS score: 9.1) - An SQL injection vulnerability in the admin web console of Ivanti CSA before version 5.0.3 that allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements |
| 11.12.2024 | CVE-2024-11633 | VULNEREBILITY | CVE | (CVSS score: 9.1) - An argument injection vulnerability in Ivanti Connect Secure before version 22.7R2.4 that allows a remote authenticated attacker with admin privileges to achieve remote code execution |
| 11.12.2024 | CVE-2024-11634 | VULNEREBILITY | CVE | (CVSS score: 9.1) - A command injection vulnerability in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 that allows a remote authenticated attacker with admin privileges to achieve remote code execution |
| 11.12.2024 | CVE-2024-8540 | VULNEREBILITY | CVE | (CVSS score: 8.8) - An insecure permissions vulnerability in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 that allows a local authenticated attacker to modify sensitive application components |
| 10.12.2024 | CVE-2024-55956 | VULNEREBILITY | CVE | In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory. |
| 06.12.2024 | CVE-2024-27132 | VULNEREBILITY | CVE | (CVSS score: 7.2) - An insufficient sanitization issue in MLflow that leads to a cross-site scripting (XSS) attack when running an untrusted recipe in a Jupyter Notebook, ultimately resulting in client-side remote code execution (RCE) |
| 06.12.2024 | CVE-2024-6960 | VULNEREBILITY | CVE | (CVSS score: 7.5) - An unsafe deserialization issue in H20 when importing an untrusted ML model, potentially resulting in RCE |
| 06.12.2024 | CVE-2023-5245 | VULNEREBILITY | CVE | (CVSS score: 7.5) - A path traversal issue in MLeap when loading a saved model in zipped format can lead to a Zip Slip vulnerability, resulting in arbitrary file overwrite and potential code execution |
| 06.12.2024 | CVE-2024-41713 | VULNEREBILITY | CVE | A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations. |
| 05.12.2024 | CVE-2024-51378 | VULNEREBILITY | CVE | (CVSS score: 10.0) - An incorrect default permissions vulnerability that allows for authentication bypass and the execution of arbitrary commands using shell metacharacters in the statusfile property |
| 05.12.2024 | CVE-2023-45727 | VULNEREBILITY | CVE | (CVSS score: 7.5) - An improper restriction of XML External Entity (XXE) reference vulnerability that could allow a remote, unauthenticated attacker to conduct an XXE attack |
| 05.12.2024 | CVE-2024-11680 | VULNEREBILITY | CVE | (CVSS score: 9.8) - An improper authentication vulnerability that allows a remote, unauthenticated attacker to create accounts, upload web shells, and embed malicious JavaScript |
| 05.12.2024 | CVE-2024-11667 | VULNEREBILITY | CVE | (CVSS score: 7.5) - A path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL |
| 04.12.2024 | CVE-2024-42448 | VULNEREBILITY | CVE | From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine. |
| 04.12.2024 | CVE-2024-10905 | VULNEREBILITY | CVE | IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p8, and all prior versions allow HTTP/HTTPS access to static content in the IdentityIQ application directory that should be protected. |
| 03.12.2024 | CVE-2014-2120 | VULNEREBILITY | CVE | Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025. |
| 03.12.2024 | CVE-2024-5921 | VULNEREBILITY | CVE | (CVSS score: 5.6) - An insufficient certificate validation vulnerability impacting Palo Alto Networks GlobalProtect for Windows, macOS, and Linux that allows the app to be connected to arbitrary servers, leading to the deployment of malicious software (Addressed in version 6.2.6 for Windows) |
| 03.12.2024 | CVE-2024-29014 | VULNEREBILITY | CVE | (CVSS score: 7.1) - A vulnerability impacting SonicWall SMA100 NetExtender Windows client that could allow an attacker to execute arbitrary code when processing an End Point Control (EPC) Client update. (Affects versions 10.2.339 and earlier, addressed in version 10.2.341) |
|
29.11.2024 |
CVE |
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). |
||
|
28.11.2024 |
CVE |
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript. |
||
|
26.11.2024 |
CVE |
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS spoofing on the checkWithoutToken function in all versions up to, and including, 6.43.2. |
||
|
26.11.2024 |
CVE |
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an missing empty value check on the 'api_key' value in the 'perform' function in all versions up to, and including, 6.44. |
||
|
26.11.2024 |
CVE |
(CVSS score: 9.8) - A use-after-free vulnerability in Firefox's Animation component (Patched by Mozilla in October 2024) |
||
|
26.11.2024 |
CVE |
(CVSS score: 8.8) - A privilege escalation vulnerability in Windows Task Scheduler (Patched by Microsoft in November 2024) |
||
|
26.11.2024 |
CVE |
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon." |
||
|
22.11.2024 |
CVE |
CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) |
||
|
22.11.2024 |
CVE |
CVE-2024-9474 PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface |
||
|
21.11.2024 |
CVE |
Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. |
||
|
19.11.2024 |
CVE |
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable. |
||
|
19.11.2024 |
CVE |
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system’s real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3). |
||
|
19.11.2024 |
CVE |
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable. |
||
|
19.11.2024 |
CVE |
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps. |
||
|
19.11.2024 |
CVE |
(CVSS score: 8.8) - A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web content |
||
|
19.11.2024 |
CVE |
(CVSS score: 6.1) - A cookie management vulnerability in WebKit that could lead to a cross-site scripting (XSS) attack when processing malicious web content |
||
|
19.11.2024 |
CVE |
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM Framework |
||
|
19.11.2024 |
CVE |
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. |
||
|
18.11.2024 |
CVE |
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. |
||
|
16.11.2024 |
CVE |
CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) |
||
|
15.11.2024 |
CVE |
PostgreSQL PL/Perl environment variable changes execute arbitrary code |
||
|
15.11.2024 |
CVE |
(CVSS score: 9.9) - Palo Alto Networks Expedition OS Command Injection Vulnerability |
||
|
15.11.2024 |
CVE |
(CVSS score: 9.3) - Palo Alto Networks Expedition SQL Injection Vulnerability |
||
|
14.11.2024 |
CVE |
CVE-2024-43451: A New Zero-Day Vulnerability Exploited in the wild |
||
|
13.11.2024 |
CVE |
(CVSS score: 6.5) - Windows NTLM Hash Disclosure Spoofing Vulnerability |
||
|
13.11.2024 |
CVE |
(CVSS score: 8.8) - Windows Task Scheduler Elevation of Privilege Vulnerability |
||
|
13.11.2024 |
CVE |
(CVSS v4 score: 9.2), which allows an attacker to impersonate a hub and hijack a device |
||
|
13.11.2024 |
CVE |
(CVSS v4 score: 9.2), which allows an attacker to claim arbitrary unclaimed devices by bypassing the requirement for a serial number |
||
|
13.11.2024 |
CVE |
(CVSS v4 score: 9.2), which allows an attacker to upload arbitrary firmware updates resulting in code execution |
||
|
13.11.2024 |
CVE |
(CVSS v4 score: 9.1), which allows an attacker to impersonate a hub and unclaim devices arbitrarily and subsequently exploit other flaws to claim it |
||
|
12.11.2024 |
CVE |
(CVSS score: 5.1) - Privilege escalation to NetworkService Account access |
||
|
12.11.2024 |
CVE |
(CVSS score: 5.1) - Limited remote code execution with the privilege of a NetworkService Account access |
||
|
08.11.2024 |
CVE |
Android Framework Privilege Escalation Vulnerability |
||
|
08.11.2024 |
CVE |
CyberPanel Incorrect Default Permissions Vulnerability |
||
|
08.11.2024 |
CVE |
Nostromo nhttpd Directory Traversal Vulnerability |
||
|
08.11.2024 |
CVE |
Palo Alto Expedition Missing Authentication Vulnerability |
||
|
07.11.2024 |
CVE |
A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating system. |
||
|
05.11.2024 |
CVE |
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors. |
||
|
05.11.2024 |
CVE |
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. |
||
|
04.11.2024 |
CVE |
(CVSS score: 7.5) - A vulnerability that an attacker can exploit using /api/create an endpoint to determine the existence of a file in the server (Fixed in version 0.1.47) |
||
|
04.11.2024 |
CVE |
(CVSS score: 8.2) - An out-of-bounds read vulnerability that could cause the application to crash by means of the /api/create endpoint, resulting in a DoS condition (Fixed in version 0.1.46) |
||
|
04.11.2024 |
CVE |
(CVSS score: 7.5) - A vulnerability that causes resource exhaustion and ultimately a DoS when invoking the /api/create endpoint repeatedly when passing the file "/dev/random" as input (Fixed in version 0.1.34) |
||
|
04.11.2024 |
CVE |
(CVSS score: 7.5) - A path traversal vulnerability in the api/push endpoint that exposes the files existing on the server and the entire directory structure on which Ollama is deployed (Fixed in version 0.1.46) |
||
|
1.11.24 |
Rare Case of Privilege Escalation Patched in LiteSpeed Cache Plugin | VULNEREBILITY | VULNEREBILITY | This blog post is about the LiteSpeed plugin vulnerability. If you’re a LiteSpeed user, please update the plugin to at least version 6.5.2. |
|
29.10.24 |
CVE-2024-7474 | VULNEREBILITY | CVE | (CVSS score: 9.1) - An Insecure Direct Object Reference (IDOR) vulnerability that could allow an authenticated user to view or delete external users, resulting in unauthorized data access and potential data loss |
|
29.10.24 |
CVE-2024-7475 | VULNEREBILITY | CVE | (CVSS score: 9.1) - An improper access control vulnerability that allows an attacker to update the SAML configuration, thereby making it possible to log in as an unauthorized user and access sensitive information |
|
29.10.24 |
Breaking the Barrier | VULNEREBILITY | CPU | Speculation barriers, in this case barriers that stop previously learned predictions from being used, are critical for computer software and cloud infrastructure to run securely. |
|
28.10.24 | CVE-2024-38202 | VULNEREBILITY | CVE | Windows Update Stack Elevation of Privilege Vulnerability Recently updated |
|
28.10.24 | VULNEREBILITY | CVE | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | |
|
28.10.24 | CVE-2024-38094 | VULNEREBILITY | CVE | Microsoft SharePoint Remote Code Execution Vulnerability |
|
28.10.24 | CVE-2024-47575 | VULNEREBILITY | CVE | A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.13, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests. |
|
28.10.24 | CVE-2024-20481 | VULNEREBILITY | CVE | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Remote Access VPN Brute Force Denial of Service Vulnerability |
|
28.10.24 | CVE-2024-38812 | VULNEREBILITY | CVE | VMSA-2024-0019:VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813) |
|
28.10.24 | CVE-2024-8260 | VULNEREBILITY | CVE | A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions. |
|
28.10.24 | CVE-2024-37383 | VULNEREBILITY | CVE | Fake attachment. Roundcube mail server attacks exploit CVE-2024-37383 vulnerability. |
|
27.10.24 | CVE-2024-9487 | VULNEREBILITY | CVE | 3.14.2: Security fixes |
|
27.10.24 | CVE-2024-38178 | VULNEREBILITY | CVE | Scripting Engine Memory Corruption Vulnerability |
|
27.10.24 | CVE-2024-9486 | VULNEREBILITY | CVE | VM images built with Image Builder and Proxmox provider use default credentials in github.com/kubernetes-sigs/image-builder |
15.8.24 | CVE-2024-38173 | VULNEREBILITY | CVE | Microsoft Outlook Remote Code Execution Vulnerability |
15.8.24 | CVE-2024-38198 | VULNEREBILITY | CVE | Windows Print Spooler Elevation of Privilege Vulnerability |
15.8.24 | CVE-2024-38202 | VULNEREBILITY | CVE | (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability |
15.8.24 | CVE-2024-21302 | VULNEREBILITY | CVE | (CVSS score: 6.7) - Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
15.8.24 | CVE-2024-38199 | VULNEREBILITY | CVE | (CVSS score: 9.8) - Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability |
15.8.24 | CVE-2024-38213 | VULNEREBILITY | CVE | (CVSS score: 6.5) - Windows Mark of the Web Security Feature Bypass Vulnerability |
15.8.24 | CVE-2024-38107 | VULNEREBILITY | CVE | (CVSS score: 7.8) - Windows Power Dependency Coordinator Elevation of Privilege Vulnerability |
15.8.24 | CVE-2024-38106 | VULNEREBILITY | CVE | (CVSS score: 7.0) - Windows Kernel Elevation of Privilege Vulnerability |
15.8.24 | CVE-2024-38193 | VULNEREBILITY | CVE | (CVSS score: 7.8) - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
15.8.24 | CVE-2024-38178 | VULNEREBILITY | CVE | (CVSS score: 7.5) - Windows Scripting Engine Memory Corruption Vulnerability |
15.8.24 | CVE-2024-38189 | VULNEREBILITY | CVE | (CVSS score: 8.8) - Microsoft Project Remote Code Execution Vulnerability |
15.8.24 | CVE-2024-7570 | VULNEREBILITY | CVE | (CVSS score: 8.3) - Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user |
15.8.24 | CVE-2024-7569 | VULNEREBILITY | CVE | (CVSS score: 9.6) - An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information |
15.8.24 | CVE-2024-5916 | VULNEREBILITY | CVE | (CVSS score: 6.0) - An information exposure vulnerability in PAN-OS software that enables a local system administrator to access secrets, passwords, and tokens of external systems |
15.8.24 | CVE-2024-5915 | VULNEREBILITY | CVE | (CVSS score: 5.2) - A privilege escalation (PE) vulnerability in the GlobalProtect app on Windows devices that enables a local user to execute programs with elevated privileges |
15.8.24 | CVE-2024-28986 | VULNEREBILITY | CVE | SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability (CVE-2024-28986) |
15.8.24 | GhostWrite | VULNEREBILITY | CPU | RISCVuzz: Discovering Architectural CPU Vulnerabilities via Differential Hardware Fuzzi |
13.8.24 | CVE-2024-33892 | VULNEREBILITY | CVE | (CVSS score: 7.4) - Information leakage through cookies |
13.8.24 | CVE-2024-33893 | VULNEREBILITY | CVE | (CVSS score: 2.1) - XSS when displaying the logs due to improper input sanitization |
13.8.24 | CVE-2024-33894 | VULNEREBILITY | CVE | (CVSS score: 1.0) - Execution of several processes with elevated privileges |
13.8.24 | CVE-2024-33895 | VULNEREBILITY | CVE | (CVSS score: 4.4) - Usage of a unique key to encrypt the configuration parameters |
13.8.24 | CVE-2024-33896 | VULNEREBILITY | CVE | (CVSS score: 3.3) - Code injection due to improper parameter blacklisting |
13.8.24 | CVE-2024-33897 | VULNEREBILITY | CVE | (CVSS score: N/A) - A compromised devices could be used to request a Certificate Signing Request (CSR) from Talk2m for another device, resulting in an availability issue |
13.8.24 | CVE-2024-7589 | VULNEREBILITY | CVE | OpenSSH is an implementation of the SSH protocol suite, providing an encrypted and authenticated transport for a variety of services, including remote shell access. |
11.8.24 | CVE-2024-38272 | VULNEREBILITY | CVE | (CVSS score: 7.1) - A vulnerability that allows an attacker to bypass the accept file dialog on Windows |
11.8.24 | CVE-2024-38271 | CVE | (CVSS score: 5.9) - A vulnerability that forces a victim to stay connected to a temporary Wi-Fi connection created for sharing | |
10.8.24 | Breaching AWS Accounts Through Shadow Resources | VULNEREBILITY | CVE | The cloud seems complex, but it's what happens behind the scenes that really complicates things. Some services utilize others as resources as part of their logic/operation. Interestingly enough, it turns out that this could lead to catastrophic results if done unsafely. |
10.8.24 | CVE-2024-38200 | CVE | Microsoft Office Spoofing Vulnerability | |
10.8.24 | CVE-2024-27459 | CVE | The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges. | |
10.8.24 | CVE-2024-24974 | CVE | The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service. | |
10.8.24 | CVE-2024-27903 | CVE | OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service. | |
10.8.24 | CVE-2024-1305 | CVE | tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming write operations which an attacker can use to overflow memory buffers, resulting in a bug check and potentially arbitrary code execution in kernel space | |
10.8.24 | OpenVPN vulnerabilities | CVE | Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | |
10.8.24 | CVE-2023-50809 | CVE | A vulnerability in the Sonos One Gen 2 Wi-Fi stack that does not properly validate an information element while negotiating a WPA2 four-way handshake, leading to remote code execution | |
10.8.24 | CVE-2023-50810 | CVE | In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability exists in the U-Boot component of the firmware that allow persistent arbitrary code execution with Linux kernel privileges. A failure to correctly handle the return value of the setenv command can be used to override the kernel command-line parameters and ultimately bypass the Secure Boot implementation. This affects PLAY5 gen 2, PLAYBASE, PLAY:1, One, One SL, and Amp. | |
10.8.24 | Cisco Small Business SPA300 Series and SPA500 Series IP Phones Web UI Vulnerabilities | CVE | Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an attacker to execute arbitrary commands on the underlying operating system or cause a denial of service (DoS) condition. | |
9.8.24 | CVE-2024-21302 | CVE | (CVSS score: 6.7) - Windows Secure Kernel Mode Elevation of Privilege Vulnerability | |
9.8.24 | CVE-2024-38202 | CVE | (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability | |
9.8.24 | CVE-2024-4885 | CVE | In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows execution of commands with iisapppool\nmconsole privileges. | |
7.8.24 | CVE-2024-42008 | CVE | A cross-site scripting flaw via a malicious email attachment served with a dangerous Content-Type header | |
7.8.24 | CVE-2024-42009 | CVE | A cross-site scripting flaw that arises from post-processing of sanitized HTML content | |
7.8.24 | CVE-2024-42010 | CVE | An information disclosure flaw that stems from insufficient CSS filtering | |
| 6.8.24 | CVE-2024-38856 | CVE | Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. | |
2.8.24 | CVE | VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. | ||
2.8.24 | CVE | Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132. | ||
27.7.24 | CVE-2023-46229 | CVE | langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via __import__ in Python code, which is not prohibited by pal_chain/base.py. | |
27.7.24 | CVE-2023-44467 | CVE | LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. | |
26.7.24 | ConfusedFunction | CVE | ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions | |
26.7.24 | CVE-2024-6327 | CVE | In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability. | |
26.7.24 | CVE-2024-41110 | CVE | Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins | |
25.7.24 | CVE-2012-4792 | CVE | Microsoft Internet Explorer Use-After-Free Vulnerability | |
25.7.24 | CVE-2024-39891 | CVE | Twilio Authy Information Disclosure Vulnerability | |
24.7.24 | CVE | New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273) | ||
19.7.24 | CVE-2024-23471 | VULNEREBILITY | CVE | Solarwinds ARM CreateFile Directory Traversal Remote Code Execution Vulnerability |
19.7.24 | CVE-2024-23470 | VULNEREBILITY | CVE | Solarwinds ARM UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability |
19.7.24 | CVE-2024-23466 | VULNEREBILITY | CVE | Solarwinds ARM Directory Traversal Remote Code Execution Vulnerability |
19.7.24 | CVE-2024-23467 | VULNEREBILITY | CVE | Solarwinds ARM Traversal Remote Code Execution Vulnerability |
19.7.24 | CVE-2024-23475 | VULNEREBILITY | CVE | Solarwinds ARM Traversal and Information Disclosure Vulnerability |
19.7.24 | CVE-2024-23469 | VULNEREBILITY | CVE | Solarwinds ARM Exposed Dangerous Method Remote Code Execution Vulnerability |
19.7.24 | CVE-2024-28074 | VULNEREBILITY | CVE | SolarWinds ARM Internal Deserialization Remote Code Execution Vulnerability |
19.7.24 | CVE-2024-23472 | VULNEREBILITY | CVE | SolarWinds ARM Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
18.7.24 | SAPwned | VULNEREBILITY | AI | SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts |
18.7.24 | CVE-2024-34102 | VULNEREBILITY | CVE | (CVSS score: 9.8) - Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability |
18.7.24 | CVE-2024-28995 | VULNEREBILITY | CVE | (CVSS score: 8.6) - SolarWinds Serv-U Path Traversal Vulnerability |
18.7.24 | CVE-2022-22948 | VULNEREBILITY | CVE | (CVSS score: 6.5) - VMware vCenter Server Incorrect Default File Permissions Vulnerability |
17.7.24 | CVE-2024-27348 | VULNEREBILITY | CVE | RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue. |
16.7.24 | CVE-2024-36401 | VULNEREBILITY | CVE | OSGeo GeoServer GeoTools Eval Injection Vulnerability |
12.7.24 | CVE-2024-39929 | VULNEREBILITY | CVE | Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users. |
12.7.24 | CVE-2024-3596 | VULNEREBILITY | CVE | This vulnerability allows an attacker performing a meddler-in-the-middle attack between Palo Alto Networks PAN-OS firewall and a RADIUS server to bypass authentication and escalate privileges to ‘superuser’ when RADIUS authentication is in use and either CHAP or PAP is selected in the RADIUS server profile. |
12.7.24 | CVE-2024-5910 | VULNEREBILITY | CVE | Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. |
11.7.24 | CVE-2024-6385 | VULNEREBILITY | CVE | GitLab Critical Patch Release: 17.1.2, 17.0.4, 16.11.6 |
10.7.24 | CVE-2024-38021 | VULNEREBILITY | CVE | Microsoft Office Remote Code Execution Vulnerability |
10.7.24 | CVE-2024-38080 | VULNEREBILITY | CVE | Windows Hyper-V Elevation of Privilege Vulnerability |
10.7.24 | CVE-2024-38112 | VULNEREBILITY | CVE | Windows MSHTML Platform Spoofing Vulnerability |
10.7.24 | CVE-2024-35264 | VULNEREBILITY | CVE | .NET and Visual Studio Remote Code Execution Vulnerability |
10.7.24 | CVE-2024-6387 | VULNEREBILITY | CVE | CVE-2024-6409: OpenSSH: Possible remote code execution in privsep child due to a race condition in signal handling |
8.7.24 | CVE-2024-39930 | VULNEREBILITY | CVE | The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected. |
8.7.24 | CVE-2024-39931 | VULNEREBILITY | CVE | Gogs through 0.13.0 allows deletion of internal files. |
8.7.24 | CVE-2024-39932 | VULNEREBILITY | CVE | Gogs through 0.13.0 allows argument injection during the previewing of changes. |
8.7.24 | CVE-2024-39933 | VULNEREBILITY | CVE | Gogs through 0.13.0 allows argument injection during the tagging of a new release. |
5.7.24 | CVE-2023-2071 | VULNEREBILITY | ICS | PN1645 | FactoryTalk View Machine Edition Vulnerable to Remote Code Execution |
5.7.24 | CVE-2023-29464 | VULNEREBILITY | ICS | PN1652 | FactoryTalk® Linx Vulnerable to Denial-of-Service and Information Disclosure |
2.7.24 | CVE-2024-20399 | VULNEREBILITY | CVE | Cisco NX-OS Software CLI Command Injection Vulnerability |
2.7.24 | CocoaPods | VULNEREBILITY | CVE | Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications |
1.7.24 | regreSSHion | VULNEREBILITY | CVE | regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server |
1.7.24 | CVE-2024-2973 | VULNEREBILITY | CVE | 2024-06: Out-Of-Cycle Security Bulletin: Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed (CVE-2024-2973) |
| 18.6.24 | CVE-2024-37081 | CVE | Multiple VMware vCenter Server Flaws Allow Remote Code Execution | |
| 17.6.24 | CVE-2024-3079 | CVE | Certain models of ASUS routers have buffer overflow vulnerabilities, allowing remote attackers with administrative privileges to execute arbitrary commands on the device. | |
| 17.6.24 | CVE-2024-3080 | CVE | Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device. | |
| 14.6.24 | CVE-2023-3938 | CVE | (CVSS score: 4.6) - An SQL injection flaw when displaying a QR code into the device's camera by passing a specially crafted request containing a quotation mark, thereby allowing an attacker to authenticate as any user in the database | |
| 14.6.24 | CVE-2023-3939 | CVE | (CVSS score: 10.0) - A set of command injection flaws that allows for execution of arbitrary OS commands with root privileges | |
| 14.6.24 | CVE-2023-3940 | CVE | (CVSS score: 7.5) - A set of arbitrary file read flaws that allows an attacker to bypass security checks and access any file on the system, including sensitive user data and system settings | |
| 14.6.24 | CVE-2023-3941 | CVE | (CVSS score: 10.0) - A set of arbitrary file write flaws that allows an attacker to write any file on the system with root privileges, including altering the user database to add rogue users | |
| 14.6.24 | CVE-2023-3942 | CVE | (CVSS score: 7.5) - A set of SQL injection flaws that allows an attacker to inject malicious SQL code and perform unauthorized database operations and siphon sensitive data | |
| 14.6.24 | CVE-2023-3943 | CVE | (CVSS score: 10.0) - A set of stack-based buffer overflow flaws that allows an attacker to execute arbitrary code | |
| 14.6.24 | CVE-2024-32896 | CVE | there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |
| 13.6.24 | CVE-2024-26169 | CVE | Windows Error Reporting Service Elevation of Privilege Vulnerability | |
| 12.6.24 | CVE-2024-30082 | CVE | Win32k Elevation of Privilege Vulnerability | |
| 12.6.24 | CVE-2024-30085 | CVE | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |
| 12.6.24 | CVE-2024-30086 | CVE | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | |
| 12.6.24 | CVE-2024-30078 | CVE | Windows Wi-Fi Driver Remote Code Execution Vulnerability | |
| 12.6.24 | CVE-2024-30103 | CVE | Microsoft Outlook Remote Code Execution Vulnerability | |
| 12.6.24 | CVE-2024-30080 | CVE | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability New | |
| 12.6.24 | CVE-2023-50868 | CVE | The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. | |
| 11.6.24 | CVE-2024-4610 | CVE | Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0. | |
| 9.6.24 | CVE-2024-4577 | CVE | CVE-2024-4577: Proof of Concept Available for PHP-CGI Argument Injection Vulnerability | |
5.6.24 |
CVE |
This command injection vulnerability in the CGI program “remote_help-cgi” in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. | ||
5.6.24 |
CVE |
This command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some OS commands by sending a crafted HTTP POST request. | ||
5.6.24 |
CVE |
This remote code execution vulnerability in the CGI program “file_upload-cgi” in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted configuration file to a vulnerable device. | ||
5.6.24 |
CVE |
This improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 and NAS542 devices could allow an authenticated local attacker with administrator privileges to execute some system commands as the “root” user on a vulnerable device. | ||
5.6.24 |
CVE |
This improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 and NAS542 devices could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device. | ||
5.6.24 |
CVE |
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. | ||
31.5.24 | CVE-2024-1086 | CVE | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. | |
31.5.24 | CVE-2023-38831 | CVE | RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. | |
30.5.24 | CVE-2023-6961 | CVE | (CVSS score: 7.2) - Unauthenticated Stored Cross-Site Scripting in WP Meta SEO <= 4.5.12 | |
30.5.24 | CVE-2023-40000 | CVE | (CVSS score: 8.3) - Unauthenticated Stored Cross-Site Scripting in LiteSpeed Cache <= 5.7 | |
30.5.24 | CVE-2024-2194 | CVE | (CVSS score: 7.2) - Unauthenticated Stored Cross-Site Scripting in WP Statistics <= 14.5 | |
29.5.24 | CVE-2024-24919 | CVE | Important Security Update – Stay Protected Against VPN Information Disclosure (CVE-2024-24919) | |
28.5.24 | CVE-2024-23109 | CVE | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | |
28.5.24 | CVE-2024-23108 | CVE | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | |
28.5.24 | Remote Command Execution on TP-Link Archer C5400X | CVE | Before the release of our binary zero-day identification feature, we tested and validated it on our firmware corpus to make sure we were providing meaningful analysis results. In the process, we identified numerous vulnerabilities that we reported to vendors. | |
28.5.24 | CVE-2024-5035 | CVE | The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. | |
25.5.24 | CVE | Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group and Brendon Tiszka of Chrome Security on 2024-05-20 | ||
25.5.24 | CVE | CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack | ||
24.5.24 | CVE | A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. | ||
23.5.24 | CVE | Avalanche 6.4.3.602 - additional security hardening and CVE fixed | ||
22.5.24 | CVE-2024-29852 | CVE | (CVSS score: 2.7), which allows a privileged user to read backup session logs | |
22.5.24 | CVE-2024-29851 | CVE | (CVSS score: 7.2), which allows a privileged user to steal NTLM hashes of a Veeam Backup Enterprise Manager service account if it's not configured to run as the default Local System account | |
22.5.24 | CVE-2024-29850 | CVE | (CVSS score: 8.8), which allows account takeover via NTLM relay | |
22.5.24 | CVE-2024-29849 | CVE | (CVSS score: 9.8), the vulnerability could allow an unauthenticated attacker to log in to the Veeam Backup Enterprise Manager web interface as any user. | |
22.5.24 | CVE-2024-27130 | CVE | A set of buffer overflow vulnerabilities that could allow authenticated users to execute arbitrary code via a network | |
22.5.24 | CVE-2024-27129 | CVE | A set of buffer overflow vulnerabilities that could allow authenticated users to execute arbitrary code via a network | |
22.5.24 | CVE-2024-27128 | CVE | A set of buffer overflow vulnerabilities that could allow authenticated users to execute arbitrary code via a network | |
22.5.24 | CVE-2024-27127 | CVE | A double free vulnerability that could allow authenticated users to execute arbitrary code via a network | |
22.5.24 | CVE-2024-21902 | CVE | An incorrect permission assignment for critical resource vulnerability that could allow authenticated users to read or modify the resource via a network | |
22.5.24 | CVE-2024-4985 | CVE | An authentication bypass vulnerability was present in the GitHub Enterprise Server (GHES) when utilizing SAML single sign-on authentication with the optional encrypted assertions feature. | |
22.5.24 | CVE-2024-34359 | CVE | llama-cpp-python is the Python bindings for llama.cpp. `llama-cpp-python` depends on class `Llama` in `llama.py` to load `.gguf` llama.cpp or Latency Machine Learning Models. | |
21.5.24 | CVE-2023-43208 | CVE | NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679. | |
21.5.24 | CVE-2024-4323 | CVE | A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution. | |
18.5.24 | CVE-2024-22267 | CVE | (CVSS score: 9.3) - A use-after-free vulnerability in the Bluetooth device that could be exploited by a malicious actor with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host | |
18.5.24 | CVE-2024-22268 | CVE | (CVSS score: 7.1) - A heap buffer-overflow vulnerability in the Shader functionality that could be exploited by a malicious actor with non-administrative access to a virtual machine with 3D graphics enabled to create a DoS condition | |
18.5.24 | CVE-2024-22269 | CVE | (CVSS score: 7.1) - An information disclosure vulnerability in the Bluetooth device that could be exploited by a malicious actor with local administrative privileges on a virtual machine to read privileged information contained in hypervisor memory from a virtual machine | |
18.5.24 | CVE-2024-22270 | CVE | (CVSS score: 7.1) - An information disclosure vulnerability in the Host Guest File Sharing (HGFS) functionality that could be exploited by a malicious actor with local administrative privileges on a virtual machine to read privileged information contained in hypervisor memory from a virtual machine | |
17.5.24 | CVE-2014-100005 | CVE | A cross-site request forgery (CSRF) vulnerability impacting D-Link DIR-600 routers that allows an attacker to change router configurations by hijacking an existing administrator session | |
17.5.24 | CVE-2021-40655 | CVE | An information disclosure vulnerability impacting D-Link DIR-605 routers that allows attackers to obtain a username and password by forging an HTTP POST request to the /getcfg.php page | |
16.5.24 | CVE-2024-4947 | CVE | Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
15.5.24 | CVE-2024-4761 | CVE | High CVE-2024-4761: Out of bounds write in V8. Reported by Anonymous on 2024-05-09 | |
15.5.24 | CVE-2024-31459 | CVE | (CVSS score: N/A) - A file inclusion issue in the "lib/plugin.php" file that could be combined with SQL injection vulnerabilities to result in remote code execution | |
15.5.24 | CVE-2024-31445 | CVE | (CVSS score: 8.8) - An SQL injection vulnerability in api_automation.php that allows authenticated users to perform privilege escalation and remote code execution | |
15.5.24 | CVE-2024-29895 | CVE | (CVSS score: 10.0) - A command injection vulnerability allows any unauthenticated user to execute arbitrary command on the server when the "register_argc_argv" option of PHP is On | |
15.5.24 | CVE-2024-25641 | CVE | (CVSS score: 9.1) - An arbitrary file write vulnerability in the "Package Import" feature that allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server, resulting in remote code execution | |
15.5.24 | CVE-2024-30040 | CVE | (CVSS score: 8.8) - Windows MSHTML Platform Security Feature Bypass Vulnerability | |
15.5.24 | CVE-2024-30051 | CVE | (CVSS score: 7.8) - Windows Desktop Window Manager (DWM) Core Library Elevation of Privilege Vulnerability | |
14.5.24 | CVE-2023-47610 | CVE | (CVSS score: 8.1) - A buffer overflow vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message. | |
14.5.24 | CVE-2023-47611 | CVE | (CVSS score: 7.8) - An improper privilege management vulnerability that could allow a local, low-privileged attacker to elevate privileges to manufacturer level on the targeted system. | |
14.5.24 | CVE-2023-47612 | CVE | (CVSS score: 6.8) - A files or directories accessible to external parties vulnerability that could allow an attacker with physical access to the target system to obtain read/write access to any files and directories on the targeted system, including hidden files and directories. | |
14.5.24 | CVE-2023-47613 | CVE | (CVSS score: 4.4) - A relative path traversal vulnerability that could allow a local, low-privileged attacker to escape from virtual directories and get read/write access to protected files on the targeted system. | |
14.5.24 | CVE-2023-47614 | CVE | (CVSS score: 3.3) - An exposure of sensitive information vulnerability that could allow a local, low-privileged attacker to disclose hidden virtual paths and file names on the targeted system. | |
14.5.24 | CVE-2023-47615 | CVE | (CVSS score: 3.3) - An exposure of sensitive information through environmental variables vulnerability that could allow a local, low-privileged attacker to obtain unauthorized access to the targeted system. | |
14.5.24 | CVE-2023-47616 | CVE | (CVSS score: 2.4) - An exposure of sensitive information vulnerability that could allow an attacker with physical access to the target system to get access to sensitive data on the targeted system. | |
10.5.24 | CVE-2024-4671 | CVE | CVE-2024-4671: Use after free in Visuals. Reported by Anonymous on 2024-05-07 | |
10.5.24 | CVE-2021-3129 | CVE | Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2. | |
10.5.24 | CVE-2024-3661 | CVE | DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. | |
9.5.24 | CVE-2024-3661 | CVE | DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. | |
9.5.24 | CVE | A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | ||
9.5.24 | CVE | An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | ||
9.5.24 | CVE | (CVSS score: 7.5) - An OData injection vulnerability that could allow an unauthenticated attacker to execute malicious SQL statements through the BIG-IP NEXT Central Manager API | ||
9.5.24 | CVE | (CVSS score: 7.5) - An SQL injection vulnerability that could allow an unauthenticated attacker to execute malicious SQL statements through the BIG-IP Next Central Manager API | ||
8.5.24 | CVE | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7. | ||
7.5.24 | CVE | A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | ||
7.5.24 | CVE | An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | ||
6.5.24 | CVE | A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability. | ||
6.5.24 | CVE | A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability. | ||
3.5.24 |
CVE |
(CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the Local User Authentication Database Accessed via the PAPI Protocol | ||
3.5.24 |
CVE |
(CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the Automatic Reporting Service Accessed via the PAPI Protocol | ||
3.5.24 |
CVE |
(CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the Utility Daemon Accessed via the PAPI Protocol | ||
3.5.24 |
CVE |
(CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the L2/L3 Management Service Accessed via the PAPI Protocol | ||
3.5.24 |
Vulnerebility |
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps | ||
| 30.4.24 | CVE-2017-8570 | Vulnerebility | CVE | Microsoft Office Remote Code Execution Vulnerability |
| 30.4.24 | CVE-2024-29021 | Vulnerebility | CVE | (CVSS score: 9.1) - The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server-Side Request Forgery (SSRF). This allows an attacker with sufficient access to the Judge0 API to obtain unsandboxed code execution as root on the target machine. |
| 30.4.24 | CVE-2024-28189 | Vulnerebility | CVE | (CVSS score: 10.0) - A patch bypass for CVE-2024-28185 that stems from the use of the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link (symlink) to a file outside the sandbox, allowing the attacker to run chown on arbitrary files outside of the sandbox. |
| 30.4.24 | CVE-2024-28185 | Vulnerebility | CVE | (CVSS score: 10.0) - The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox |
| 30.4.24 | CVE-2024-27322 | Vulnerebility | CVE | Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user’s system when interacted with. |
| 27.4.24 | CVE-2024-29966 | Vulnerebility | CVE | Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance. |
| 27.4.24 | CVE-2024-29963 | Vulnerebility | CVE | Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries. |
| 27.4.24 | CVE-2024-29961 | Vulnerebility | CVE | A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. It allows a Brocade SANnav service to send ping commands in the background at regular intervals to gridgain.com to check if updates are available for the Component. This could make an unauthenticated, remote attacker aware of the behavior and launch a supply-chain attack against a Brocade SANnav appliance. |
| 27.4.24 | CVE-2024-29960 | Vulnerebility | CVE | In Brocade SANnav server before v2.3.1 and v2.3.0a, the SSH keys inside the OVA image are identical in the VM every time SANnav is installed. Any Brocade SAnnav VM based on the official OVA images is vulnerable to MITM over SSH. An attacker can decrypt and compromise the SSH traffic to the SANnav. |
| 27.4.24 | CVE-2024-2859 | Vulnerebility | CVE | By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account. |
| 27.4.24 | CVE-2024-3400 | Vulnerebility | CVE | A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. |
| 27.4.24 | CVE-2024-27956 | Vulnerebility | CVE | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0. |
| 27.4.24 | CVE-2024-21338 | Vulnerebility | CVE | Windows Kernel Elevation of Privilege Vulnerability |
| 25.4.24 | CVE-2024-20353 | Vulnerebility | CVE | (CVSS score: 8.6) - Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial-of-Service Vulnerability |
| 25.4.24 | CVE-2024-20359 | Vulnerebility | CVE | (CVSS score: 6.0) - Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability |
| 20.4.24 | PAN-OS CVE-2024-3400 | Vulnerebility | CVE | On April 10, 2024 Palo Alto Networks Product Security Incident Response Team (PSIRT) learned of a suspicious exfiltration attempt at a customer site from Volexity's Steven Adair. Our Palo Alto Networks Product Security Research Lead Christopher Ganas and Unit 42's Threat Research Lead Kyle Wilhoit immediately investigated the issue with Volexity's team. |
| 20.4.24 | Updating CrushFTP v11 | Vulnerebility | CVE | CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files. This has been patched in v11.1.0. Customers using a DMZ in front of their main CrushFTP instance are protected with its protocol translation system it utilizes. (CREDIT:Simon Garrelou, of Airbus CERT) |
| 19.4.24 | CVE-2020-3259 | Vulnerebility | CVE | A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. |
| 19.4.24 | CVE-2023-20269 | Vulnerebility | CVE | A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. |
| 18.4.24 | CVE-2024-28847 | Vulnerebility | CVE | (CVSS score: 8.8) - A Spring Expression Language (SpEL) injection vulnerability in PUT /api/v1/events/subscriptions (fixed in version 1.2.4) |
| 18.4.24 | CVE-2024-28848 | Vulnerebility | CVE | (CVSS score: 8.8) - A SpEL injection vulnerability in GET /api/v1/policies/validation/condition/<expr> (fixed in version 1.2.4) |
| 18.4.24 | CVE-2024-28253 | Vulnerebility | CVE | (CVSS score: 8.8) - A SpEL injection vulnerability in PUT /api/v1/policies (fixed in version 1.3.1) |
| 18.4.24 | CVE-2024-28254 | Vulnerebility | CVE | (CVSS score: 8.8) - A SpEL injection vulnerability in GET /api/v1/events/subscriptions/validation/condition/<expr> (fixed in version 1.2.4) |
| 18.4.24 | CVE-2024-28255 | Vulnerebility | CVE | (CVSS score: 9.8) - An authentication bypass vulnerability (fixed in version 1.2.4) |
| 17.4.24 | CVE-2023-1389 | Vulnerebility | CVE | Unauthenticated Command Injection in TP-Link Archer AX21 (AX1800) |
| 17.4.24 | CVE-2023-22518 | Vulnerebility | CVE | All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. |
| 17.4.24 | CVE-2023-48788 | Vulnerebility | CVE | A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. |
| 16.4.24 | CVE-2023-36052 | Vulnerebility | CVE | Azure CLI REST Command Information Disclosure Vulnerability |
| 16.4.24 | LeakyCLI | Vulnerebility | CVE | LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs |
| 16.4.24 | Lighttpd | CVE |
Important changes | |
| 16.4.24 | CVE-2024-31497 | CVE |
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. | |
| 12.4.24 | CVE-2024-3400 | CVE |
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. | |
11.4.24 |
CVE |
[FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration | ||
| 10.4.24 | CVE-2024-26234 | CVE |
(CVSS score: 6.7) - Proxy Driver Spoofing Vulnerability | |
| 10.4.24 | CVE-2024-29988 | CVE |
(CVSS score: 8.8) - SmartScreen Prompt Security Feature Bypass Vulnerability | |
| 10.4.24 | CVE-2024-21412 | CVE |
Internet Shortcut Files Security Feature Bypass Vulnerability | |
| 10.4.24 | CVE-2024-29990 | CVE |
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | |
| 10.4.24 | BatBadBut | Vulnerebility | Vulnerebility | BatBadBut: You can't securely execute commands on Windows |
| 10.4.24 | CVE-2024-24576 | CVE |
Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. | |
| 9.4.24 | CVE-2023-6320 | CVE |
vulnerability lets an attacker inject authenticated commands by manipulating the com.webos.service.connectionmanager/tv/setVlanStaticAddress API endpoint. | |
| 9.4.24 | CVE-2023-6319 | CVE |
A third vulnerability allows operating system command injection by manipulating a library responsible with showing music lyrics. | |
| 9.4.24 | CVE-2023-6318 | CVE |
Another vulnerability allows attackers to elevate the access they gained in the first step to root and fully take over the device | |
| 9.4.24 | CVE-2023-6317 | CVE |
vulnerability that lets an attacker bypass the authorization mechanism in WebOS versions 4 through 7. By setting a variable, the attacker can add an extra user to the TV set | |
| 9.4.24 | CVE-2024-3273 | CVE |
A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. | |
| 9.4.24 | CVE-2024-3272 | CVE |
A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. | |
| 7.4.24 | CVE-2024-3273 | CVE | A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection | |
| 7.4.24 | CVE-2024-20720 | CVE | Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction. | |
| 5.4.24 | CVE-2024-21893 | CVE |
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | |
| 5.4.24 | CVE-2024-21887 | CVE |
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | |
| 5.4.24 | CVE-2023-46805 | CVE |
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | |
| 4.4.24 | CVE-2024-2758 | CVE |
Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately. | |
| 4.4.24 | CVE-2024-27983 | CVE |
||
| 4.4.24 | CVE-2024-28182 | CVE |
nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. | |
| 4.4.24 | CVE-2023-45288 | CVE |
||
| 4.4.24 | CVE-2024-30255 | CVE |
||
| 4.4.24 | CVE-2024-27919 | CVE |
Envoy is a cloud-native, open-source edge and service proxy. In versions 1.29.0 and 1.29.1, theEnvoy HTTP/2 protocol stack is vulnerable to the flood of CONTINUATION frames. Envoy's HTTP/2 codec does not reset a request when header map limits have been exceeded. | |
| 4.4.24 | CVE-2024-31309 | CVE |
||
| 4.4.24 | CVE-2024-24549 | CVE |
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue. | |
| 4.4.24 | CVE-2024-27316 | CVE |
||
| 4.4.24 | CVE-2024-2653 | CVE |
amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit until it has received the set END_HEADERS flag, resulting in an OOM crash. | |
| 4.4.24 | CVE-2024-22023 | CVE |
SA:CVE-2024-21894 (Heap Overflow), CVE-2024-22052 (Null Pointer Dereference), CVE-2024-22053 (Heap Overflow) and CVE-2024-22023 (XML entity expansion or XXE) for Ivanti Connect Secure and Ivanti Policy Secure Gateways | |
| 4.4.24 | CVE-2024-22053 | CVE |
(CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service thereby causing a DoS attack or in certain conditions read contents from memory. | |
| 4.4.24 | CVE-2024-22052 | CVE |
(CVSS score: 7.5) - A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service thereby causing a DoS attack. | |
| 4.4.24 | CVE-2024-21894 | CVE |
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code. | |
| 4.4.24 | CVE-2024-29748 | CVE |
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
| 4.4.24 | CVE-2024-29745 | CVE |
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level. | |
| 3.4.24 | CVE-2024-2879 | CVE |
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | |
| 2.4.24 | CVE-2024-3094 | CVE |
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. | |
| 30.3.24 | CVE-2024-3094 | CVE |
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code | |
| 30.3.24 | CVE-2024-1086 | CVE |
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. | |
| 30.3.24 | WallEscape | CVE |
Unraveling WallEscape: A Linux Vulnerability Exposing User Passwords and Hijacking Clipboards | |
| 30.3.24 | CVE-2024-28085 | CVE |
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) | |
| 28.3.24 | CVE-2023-29357 | CVE |
Microsoft SharePoint Server Elevation of Privilege Vulnerability | |
| 28.3.24 | CVE-2023-24955 | CVE |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |
| 28.3.24 | CVE-2024-21388 | CVE |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |
| 28.3.24 | CVE-2024-21388 | CVE |
“CVE-2024-21388”- Microsoft Edge’s Marketing API Exploited for Covert Extension Installation | |
| 28.3.24 | CVE-2023-48022 | CVE |
Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment | |
| 26.3.24 | CVE-2023-48788 | CVE | (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability | |
| 26.3.24 | CVE-2021-44529 | CVE | (CVSS score: 9.8) - Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability | |
| 26.3.24 | CVE-2019-7256 | CVE | (CVSS score: 10.0) - Nice Linear eMerge E3-Series OS Command Injection Vulnerability | |
| 22.3.24 | CVE-2023-46747 | CVE | Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |
| 22.3.24 | CVE-2023-41724 | CVE | CVE-2023-41724 (Remote Code Execution) for Ivanti Standalone Sentry | |
| 22.3.24 | CVE-2024-1597 | CVE | pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. | |
20.3.24 | CVE | In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | ||
18.3.24 | CVE | In FileCatalyst Direct 3.8.8 and earlier through 3.8.6, the web server does not properly sanitize illegal characters in a URL which is then displayed on a subsequent error page. A malicious actor could craft a URL which would then execute arbitrary code within an HTML script tag. | ||
18.3.24 | CVE | Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage. | ||
18.3.24 | CVE | A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells. | ||
18.3.24 | CVE | The Malware Scanner plugin and the Web Application Firewall plugin for WordPress (both by MiniOrange) are vulnerable to privilege escalation due to a missing capability check on the mo_wpns_init() function in all versions up to, and including, 4.7.2 (for Malware Scanner) and 2.1.1 (for Web Application Firewall). This makes it possible for unauthenticated attackers to escalate their privileges to that of an administrator. | ||
18.3.24 | CVE | Microsoft Outlook Elevation of Privilege Vulnerability | ||
| 16.3.24 | GHOSTRACE | Vulnerebility | CPU | GhostRace (CVE-2024-2193) is a new attack combining speculative execution and race conditions, two very challenging class of attacks. |
| 16.3.24 | CVE-2024-2193 | CVE | A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. | |
| 14.3.24 | CVE-2023-5528 | CVE | A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes. | |
| 14.3.24 | CVE-2024-0778 | CVE | A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort leads to os command injection. The exploit has been disclosed to the public and may be used. | |
| 14.3.24 | CVE-2024-21412 | CVE | CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign | |
| 14.3.24 | CVE-2023-48788 | CVE | A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. | |
| 13.3.24 | CVE-2024-21407 | CVE | Windows Hyper-V Remote Code Execution Vulnerability | |
| 13.3.24 | CVE-2024-21408 | CVE | Windows Hyper-V Denial of Service Vulnerability | |
| 13.3.24 | CVE-2024-21400 | CVE | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | |
| 13.3.24 | CVE-2024-26170 | CVE | Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability | |
| 13.3.24 | CVE-2024-21433 | CVE | Windows Print Spooler Elevation of Privilege Vulnerability | |
| 13.3.24 | CVE-2024-26198 | CVE | Microsoft Exchange Server Remote Code Execution Vulnerability | |
| 13.3.24 | CVE-2024-21334 | CVE | Open Management Infrastructure (OMI) Remote Code Execution Vulnerability | |
| 12.3.24 | CVE-2024-1071 | CVE | ||
| 12.3.24 | CVE-2024-1468 | CVE | The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |
| 11.3.24 | CVE-2023-42793 | CVE | In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |
| 11.3.24 | CVE-2024-27198 | CVE | In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | |
| 11.3.24 | CVE-2024-1403 | CVE | In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. | |
| 8.3.24 | CVE-2024-20338 | CVE | A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. | |
| 8.3.24 | CVE-2024-20337 | CVE | A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. | |
| 8.3.24 | CVE-2024-20338 | CVE | A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. | |
| 8.3.24 | CVE-2024-20337 | CVE | A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. | |
| 8.3.24 | CVE-2024-27199 | CVE | In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible | |
| 8.3.24 | CVE-2024-27198 | CVE | In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | |
| 6.3.24 | CVE-2024-22255 | CVE | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process. | |
| 6.3.24 | CVE-2024-22254 | CVE | VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox. | |
| 6.3.24 | CVE-2024-22253 | CVE | VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | |
| 6.3.24 | CVE-2024-22252 | CVE | VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | |
| 6.3.24 | CVE-2024-23296 | CVE | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. | |
| 6.3.24 | CVE-2024-23225 | CVE | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. | |
| 6.3.24 | CVE-2024-1709 | CVE | ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems. | |
| 6.3.24 | CVE-2024-1708 | CVE | ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems. | |
| 5.3.24 | CVE-2024-23917 | CVE | In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | |
| 5.3.24 | CVE-2024-27199 | CVE | In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible | |
| 5.3.24 | CVE-2024-27198 | CVE | In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | |
| 2.3.24 | CVE-2019-3568 | CVE | A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. | |
| 2.3.24 | CVE-2023-46805 | CVE | (CVSS score: 8.2) - Authentication bypass vulnerability in web component | |
| 2.3.24 | CVE-2024-21887 | CVE | (CVSS score: 9.1) - Command injection vulnerability in web component | |
| 2.3.24 | CVE-2024-21888 | CVE | (CVSS score: 8.8) - Privilege escalation vulnerability in web component | |
| 2.3.24 | CVE-2024-21893 | CVE | (CVSS score: 8.2) - SSRF vulnerability in the SAML component | |
| 2.3.24 | CVE-2024-22024 | CVE | (CVSS score: 8.3) - XXE vulnerability in the SAML component | |
| 2.3.24 | CVE-2024-21338 | CVE | Windows Kernel Elevation of Privilege Vulnerability NewRecently updated | |
| 1.3.24 | CVE-2024-21887 | CVE | A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | |
| 1.3.24 | CVE-2024-21893 | CVE | A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | |
28.2.24 | CVE | Microsoft Outlook Elevation of Privilege Vulnerability | ||
28.2.24 | CVE | 4 Million WordPress Sites affected by Stored Cross-Site Scripting Vulnerability in LiteSpeed Cache Plugin | ||
28.2.24 | CVE | A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures. | ||
27.2.24 | CVE | The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | ||
27.2.24 | CVE | The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild. | ||
| 23.2.24 | CVE-2024-23204 | Vulnerebility | CVE | The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user. |
| 22.2.24 | CVE-2023-52161 | Vulnerebility | CVE | The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key. |
| 22.2.24 | CVE-2023-52160 | Vulnerebility | CVE | The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. |
| 21.2.24 | CVE-2024-22250 | Vulnerebility | CVE | Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a malicious actor with unprivileged local access to a windows operating system can hijack a privileged EAP session when initiated by a privileged domain user on the same system. |
| 21.2.24 | CVE-2024-22245 | Vulnerebility | CVE | Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in (EAP) could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary Active Directory Service Principal Names (SPNs). |
| 21.2.24 | CVE-2024-25600 | Vulnerebility | CVE | CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6. |
| 17.2.24 | FLATLINED | Vulnerebility | CVE | FLATLINED: ANALYZING PULSE SECURE FIRMWARE AND BYPASSING INTEGRITY CHECKING |
| 17.2.24 | CVE-2024-21412 | CVE | Internet Shortcut Files Security Feature Bypass Vulnerability | |
| 17.2.24 | CVE-2024-20684 | CVE | (CVSS score: 6.5) - Windows Hyper-V Denial of Service Vulnerability | |
| 17.2.24 | CVE-2024-21357 | CVE | (CVSS score: 7.5) - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |
| 17.2.24 | CVE-2024-21380 | CVE | (CVSS score: 8.0) - Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability | |
| 17.2.24 | CVE-2024-21410 | CVE | (CVSS score: 9.8) - Microsoft Exchange Server Elevation of Privilege Vulnerability | |
| 17.2.24 | CVE-2024-21413 | CVE | (CVSS score: 9.8) - Microsoft Outlook Remote Code Execution Vulnerability | |
| 17.2.24 | CVE-2024-21412 | CVE | (CVSS score: 8.1) - Internet Shortcut Files Security Feature Bypass Vulnerability | |
| 17.2.24 | CVE-2024-21351 | CVE | (CVSS score: 7.6) - Windows SmartScreen Security Feature Bypass Vulnerability | |
| 17.2.24 | CVE-2024-21893 | CVE | A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | |
| 17.2.24 | CVE-2023-43770 | CVE | Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior. | |
17.2.24 | CVE | A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. | ||
9.2.24 | CVE | FortiOS - Out-of-bound Write in sslvpnd | ||
9.2.24 | CVE | CVE-2024-22024 (XXE) for Ivanti Connect Secure and Ivanti Policy Secure | ||
8.2.24 | CVE | Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user account. | ||
8.2.24 | CVE | Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information. | ||
8.2.24 | CVE | Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access. | ||
8.2.24 | CVE | Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization. | ||
8.2.24 | CVE | Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system. | ||
8.2.24 | CVE | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | ||
8.2.24 | CVE | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | ||
8.2.24 | CVE | A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | ||
8.2.24 | CVE | Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks that perform arbitrary actions on an affected device. | ||
8.2.24 | CVE | Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks that perform arbitrary actions on an affected device. | ||
7.2.24 | CVE | (CVSS score: 5.3) - Out-of-bounds read when printing error messages, resulting in a denial-of-service (DoS) condition | ||
7.2.24 | CVE | (CVSS score: 7.4) - Buffer overflow in shim when compiled for 32-bit processors that can lead to a crash or data integrity issues during the boot phase | ||
7.2.24 | CVE | (CVSS score: 5.5) - Out-of-bounds read in the authenticode function that could permit an attacker to trigger a DoS by providing a malformed binary | ||
7.2.24 | CVE | (CVSS score: 5.5) - Out-of-bounds read when validating Secure Boot Advanced Targeting (SBAT) information that could result in information disclosure | ||
7.2.24 | CVE | (CVSS score: 7.1) - Out-of-bounds read when parsing MZ binaries, leading to a crash or possible exposure of sensitive data | ||
7.2.24 | CVE | A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. | ||
7.2.24 | CVE | In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | ||
6.2.24 | CVE | (CVSS score: 7.2) - Azure HDInsight Apache Ambari Java Database Connectivity (JDBC) Injection Elevation of Privilege Vulnerability | ||
6.2.24 | CVE | (CVSS score: 8.8) - Azure HDInsight Apache Oozie Workflow Scheduler XML External Entity (XXE) Injection Elevation of Privilege Vulnerability | ||
6.2.24 | CVE | A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | ||
6.2.24 | CVE | A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | ||
5.2.24 | CVE | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| 3.2.24 | CVE-2024-23832 | Vulnerebility | CVE | Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. |
3.2.24 | CVE-2023-23397 | CVE | Microsoft Outlook Elevation of Privilege Vulnerability | |
2.2.24 | CVE-2024-23222 | CVE | A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. | |
2.2.24 | CVE-2022-48618 | CVE | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. | |
1.2.24 | CVE-2024-23653 | CVE | 'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally | |
| 1.2.24 | CVE-2024-23652 | CVE | BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. | |
1.2.24 | CVE-2024-23651 | CVE | BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. | |
| 1.2.24 | CVE-2024-21626 | CVE | runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. | |
1.2.24 | CVE-2024-21893 | CVE | A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | |
1.2.24 | CVE-2024-21888 | CVE | A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator. | |
1.2.24 | CVE-2024-21887 | CVE | A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | |
| 1.2.24 | CVE-2023-46805 | CVE | An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | |
1.2.24 | CVE-2023-4911 | CVE | A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. | |
| 1.2.24 | CVE-2023-6780 | CVE | An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. | |
| 1.2.24 | CVE-2023-6779 | CVE | An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. | |
1.2.24 | CVE-2023-6246 | CVE | A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions | |
31.1.24 |
CVE-2024-0402 | CVE |
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace. | |
30.1.24 |
CVE-2024-21619 | CVE |
(CVSS score: 5.3) - A missing authentication vulnerability that could lead to exposure of sensitive configuration information | |
30.1.24 |
CVE-2024-21620 | CVE |
(CVSS score: 8.8) - A cross-site scripting (XSS) vulnerability that could lead to the execution of arbitrary commands with the target's permissions by means of a specially crafted request | |
30.1.24 |
CVE-2023-35636 | CVE |
Microsoft Outlook Information Disclosure Vulnerability | |
29.1.24 |
CVE-2024-23897 | CVE |
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. | |
29.1.24 |
CVE-2024-20253 | CVE |
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | |
29.1.24 |
CVE-2024-23222 | CVE |
A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. | |
29.1.24 |
CVE-2023-22527 | CVE |
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. | |
| 21.1.24 | CVE-2023-20867 | CVE |
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. | |
| 21.1.24 | CVE-2023-34048 | CVE |
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. | |
19.1.24 |
CVE |
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication. | ||
19.1.24 |
CVE |
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. | ||
19.1.24 |
CVE-2023-45229 | CVE |
(CVSS score: 6.5) - Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message | |
19.1.24 |
CVE-2023-45230 | CVE |
(CVSS score: 8.3) - Buffer overflow in the DHCPv6 client via a long Server ID option CVE-2023-45231 ( | |
19.1.24 |
CVE-2023-45231 | CVE |
(CVSS score: 6.5) - Out-of-bounds read when handling a ND Redirect message with truncated options | |
19.1.24 |
CVE-2023-45232 | CVE |
(CVSS score: 7.5) - Infinite loop when parsing unknown options in the Destination Options header | |
19.1.24 |
CVE-2023-45233 | CVE |
(CVSS score: 7.5) - Infinite loop when parsing a PadN option in the Destination Options header | |
19.1.24 |
CVE-2023-45234 | CVE |
(CVSS score: 8.3) - Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message | |
19.1.24 |
CVE-2023-45235 | CVE |
(CVSS score: 8.3) - Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message | |
19.1.24 |
CVE-2023-45236 | CVE |
(CVSS score: 5.8) - Predictable TCP Initial Sequence Numbers | |
19.1.24 |
CVE-2023-45237 | CVE |
(CVSS score: 5.3) - Use of a weak pseudorandom number generator | |
18.1.24 |
Android-based PAX POS | CVE |
Banking companies worldwide are finally shifting away from custom-made Point of Sale (POS) devices towards the wildly adopted and battle-tested Android operating system. | |
18.1.24 |
CVE-2017-9841 | CVE |
(PHP Unit Command) | |
18.1.24 |
CVE-2021-41773 | CVE |
(Apache HTTP Server versions), and | |
18.1.24 |
CVE-2018-15133 | CVE |
(Laravel applications) | |
18.1.24 |
CVE-2024-0507 | CVE |
An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. | |
18.1.24 |
CVE-2024-0200 | CVE |
An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. | |
17.1.24 |
CVE-2023-22527 | CVE |
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. | |
17.1.24 |
CVE-2023-34063 | CVE |
VMware Aria Automation (formerly vRealize Automation) updates address a Missing Access Control vulnerability (CVE-2023-34063) | |
17.1.24 |
CVE-2023-4966 | CVE |
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. | |
17.1.24 |
CVE-2023-3519 | CVE |
Unauthenticated remote code execution | |
17.1.24 |
CVE-2023-6549 | CVE |
(CVSS score: 8.2) - Denial-of-service (requires that the appliance be configured as a Gateway or authorization and accounting, or AAA, virtual server) | |
17.1.24 |
CVE-2023-6548 | CVE |
(CVSS score: 5.5) - Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management interface access) | |
17.1.24 |
CVE-2024-0519 | CVE |
Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. | |
17.1.24 |
CVE-2022-22274 | CVE |
(CVSS score: 9.4) - A stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote, unauthenticated attacker to cause DoS or potentially result in code execution in the firewall. | |
17.1.24 |
CVE-2023-0656 | CVE |
(CVSS score: 7.5) - A stack-based buffer overflow vulnerability in the SonicOS allows a remote, unauthenticated attacker to cause DoS, which could result in a crash. | |
16.1.24 |
CVE-2023-36025 | CVE |
Windows SmartScreen Security Feature Bypass Vulnerability | |
15.1.24 |
CVE-2023-49722 | CVE |
(CVSS score: 8.3), the high-severity vulnerability was addressed by Bosch in November 2023. | |
14.1.24 |
CVE-2023-28771 | CVE |
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. | |
13.1.24 |
CVE-2024-21611 | CVE |
A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). | |
13.1.24 |
CVE-2024-21591 | CVE |
An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. | |
12.1.24 |
CVE-2023-24955 | CVE |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |
12.1.24 |
CVE-2023-29357 | CVE |
Microsoft SharePoint Server Elevation of Privilege Vulnerability | |
12.1.24 |
CVE-2023-51467 | CVE |
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code | |
12.1.24 |
CVE-2023-49070 | CVE |
Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10 | |
12.1.24 |
CVE-2023-51467 | CVE |
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code | |
11.1.24 |
CVE-2023-46805 | CVE |
(CVSS score: 8.2) - An authentication bypass vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | |
11.1.24 |
CVE-2024-21887 | CVE |
(CVSS score: 9.1) - A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. | |
11.1.24 |
CVE-2024-20287 | CVE |
A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio Access Point (AP) with Single Point Setup could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | |
11.1.24 |
CVE-2024-20272 | CVE |
This vulnerability is due to a lack of authentication in a specific API and improper validation of user-supplied data. | |
10.1.24 |
CVE |
Microsoft Office Remote Code Execution Vulnerability | ||
10.1.24 |
CVE |
(CVSS score: 8.7), a security bypass affecting System.Data.SqlClient and Microsoft.Data.SqlClient. | ||
10.1.24 |
CVE |
(CVSS score: 7.8), a privilege escalation flaw impacting the Common Log File System (CLFS) driver | ||
10.1.24 |
CVE |
(CVSS score: 9.0) - Windows Kerberos Security Feature Bypass Vulnerability | ||
10.1.24 |
CVE |
(CVSS score: 7.5) - Windows Hyper-V Remote Code Execution Vulnerability | ||
10.1.24 |
CVE |
(CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution. | ||
10.1.24 |
CVE |
(CVSS score: 5.3) - Joomla! Improper Access Control Vulnerability | ||
10.1.24 |
CVE |
(CVSS score: 9.8) - D-Link DSL-2750B Devices Command Injection Vulnerability | ||
10.1.24 |
CVE |
(CVSS score: 7.8) - Apple Multiple Products Code Execution Vulnerability | ||
10.1.24 |
CVE |
(CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability | ||
10.1.24 |
CVE |
(CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability | ||
9.1.24 |
CVE-2023-47559 | CVE |
A cross-site scripting (XSS) vulnerability in QuMagie that could allow authenticated users to inject malicious code via a network (Addressed in QuMagie 2.2.1 and later) | |
9.1.24 |
CVE-2023-47560 | CVE |
An operating system command injection vulnerability in QuMagie that could allow authenticated users to execute commands via a network (Addressed in QuMagie 2.2.1 and later) | |
9.1.24 |
CVE-2023-41287 | CVE |
An SQL injection vulnerability in Video Station that could allow users to inject malicious code via a network (Addressed in Video Station 5.7.2 and later) | |
9.1.24 |
CVE-2023-41288 | CVE |
An operating system command injection vulnerability in Video Station that could allow users to execute commands via a network (Addressed in Video Station 5.7.2 and later) | |
9.1.24 |
CVE-2022-43634 | CVE |
An unauthenticated remote code execution vulnerability in Netatalk that could allow attackers to execute arbitrary code (Addressed in QTS 5.1.3.2578 build 20231110 and QuTS hero h5.1.3.2578 build 20231110) | |
5.1.24 |
CVE-2023-39336 | CVE |
Win32k Elevation of Privilege Vulnerability | |
1.1.24 |
CVE |
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets...Terrapin |