Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2024-24443 |
|
Vulnerability in dos (CVE-2024-24443)
vulnerability in dos (CVE-2024-24443). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-24451 |
|
Vulnerability in dos (CVE-2024-24451)
vulnerability in dos (CVE-2024-24451). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-24442 |
|
Vulnerability in dos (CVE-2024-24442)
vulnerability in dos (CVE-2024-24442). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-24444 |
|
Vulnerability in dos (CVE-2024-24444)
vulnerability in dos (CVE-2024-24444). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-24445 |
|
Vulnerability in dos (CVE-2024-24445)
vulnerability in dos (CVE-2024-24445). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-57370 |
|
Cross-Site Scripting (XSS) in CVE-2024-57370 (CVE-2024-57370)
cross-site scripting in CVE-2024-57370 (CVE-2024-57370). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-48885 |
|
Path Traversal in path-traversal (CVE-2024-48885)
path traversal in path-traversal (CVE-2024-48885). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-42911 |
|
Code Injection in CVE-2024-42911 (CVE-2024-42911)
code injection in CVE-2024-42911 (CVE-2024-42911). Confidential information can be exposed externally.
|
| CVE-2025-21402 |
|
Microsoft Office OneNote Remote Code Execution Vulnerability
Microsoft Office OneNote Remote Code Execution Vulnerability
|
| CVE-2025-21361 |
|
Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
|
| CVE-2025-21338 |
|
GDI+ Remote Code Execution Vulnerability
GDI+ Remote Code Execution Vulnerability
|
| CVE-2024-12088 |
|
Path Traversal in path-traversal (CVE-2024-12088)
path traversal in path-traversal (CVE-2024-12088). Data can be tampered with by attackers.
|
| CVE-2024-12087 |
|
Path Traversal in path-traversal (CVE-2024-12087)
path traversal in path-traversal (CVE-2024-12087). Data can be tampered with by attackers.
|
| CVE-2024-12747 |
|
Vulnerability in privilege-escalation (CVE-2024-12747)
vulnerability in privilege-escalation (CVE-2024-12747). Confidential information can be exposed externally.
|
| CVE-2024-52963 |
|
Out-of-Bounds Write in dos (CVE-2024-52963)
out-of-bounds write in dos (CVE-2024-52963). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-48884 |
|
Path Traversal in path-traversal (CVE-2024-48884)
path traversal in path-traversal (CVE-2024-48884). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-55591 KEV |
|
[KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2024-50659 |
|
Cross-Site Scripting (XSS) in ipublishmedia (CVE-2024-50659)
cross-site scripting in ipublishmedia (CVE-2024-50659). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-55008 |
|
Vulnerability in dos (CVE-2024-55008)
vulnerability in dos (CVE-2024-55008). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-48245 |
|
SQL Injection in sqli (CVE-2024-48245)
SQL injection in sqli (CVE-2024-48245). Successful exploitation can lead to full system takeover.
|
| CVE-2024-46242 |
|
Vulnerability in dos (CVE-2024-46242)
vulnerability in dos (CVE-2024-46242). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-51111 |
|
Cross-Site Scripting (XSS) in pnetlab (CVE-2024-51111)
cross-site scripting in pnetlab (CVE-2024-51111). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-48197 |
|
Cross-Site Scripting (XSS) in CVE-2024-48197 (CVE-2024-48197)
cross-site scripting in CVE-2024-48197 (CVE-2024-48197). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-45497 |
|
Vulnerability in dos (CVE-2024-45497)
vulnerability in dos (CVE-2024-45497). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-8950 |
|
SQL Injection in sqli (CVE-2024-8950)
SQL injection in sqli (CVE-2024-8950). Successful exploitation can lead to full system takeover.
|
| CVE-2024-12582 |
|
Vulnerability in dos (CVE-2024-12582)
vulnerability in dos (CVE-2024-12582). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-10244 |
|
SQL Injection in sqli (CVE-2024-10244)
SQL injection in sqli (CVE-2024-10244). Successful exploitation can lead to full system takeover.
|
| CVE-2024-8972 |
|
SQL Injection in sqli (CVE-2024-8972)
SQL injection in sqli (CVE-2024-8972). Successful exploitation can lead to full system takeover.
|
| CVE-2024-8475 |
|
Vulnerability in CVE-2024-8475 (CVE-2024-8475)
vulnerability in CVE-2024-8475 (CVE-2024-8475). Confidential information can be exposed externally.
|
| CVE-2024-37776 |
|
Cross-Site Scripting (XSS) in sunbirddcim (CVE-2024-37776)
cross-site scripting in sunbirddcim (CVE-2024-37776). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-37774 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-37774)
vulnerability in csrf (CVE-2024-37774). Successful exploitation can lead to full system takeover.
|
| CVE-2024-55875 |
|
Information Disclosure in org.http4k:http4k-format-xml (CVE-2024-55875)
vulnerability in org.http4k:http4k-format-xml (CVE-2024-55875). Successful exploitation can lead to full system takeover. Exploitable via ``DocumentBuilderFactory``. Mitigation: upgrade to `6.50.0.0` or later.
|
| CVE-2024-53481 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2024-53481)
cross-site scripting in phpgurukul (CVE-2024-53481). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-53480 |
|
SQL Injection in sqli (CVE-2024-53480)
SQL injection in sqli (CVE-2024-53480). Successful exploitation can lead to full system takeover. Exploitable via ``login.php``.
|
| CVE-2024-8259 |
|
SQL Injection in sqli (CVE-2024-8259)
SQL injection in sqli (CVE-2024-8259). Successful exploitation can lead to full system takeover.
|
| CVE-2024-54216 |
|
Vulnerability in path-traversal (CVE-2024-54216)
vulnerability in path-traversal (CVE-2024-54216). Confidential information can be exposed externally.
|
| CVE-2024-11321 |
|
Cross-Site Scripting (XSS) in CVE-2024-11321 (CVE-2024-11321)
cross-site scripting in CVE-2024-11321 (CVE-2024-11321). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-53364 |
|
SQL Injection in sqli (CVE-2024-53364)
SQL injection in sqli (CVE-2024-53364). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-50942 |
|
SQL Injection in sqli (CVE-2024-50942)
SQL injection in sqli (CVE-2024-50942). Successful exploitation can lead to full system takeover.
|
| CVE-2024-52336 |
|
Privilege Escalation in privilege-escalation (CVE-2024-52336)
vulnerability in privilege-escalation (CVE-2024-52336). Successful exploitation can lead to full system takeover. Exploitable via ``script_pre``.
|
| CVE-2024-53365 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2024-53365)
cross-site scripting in phpgurukul (CVE-2024-53365). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-53597 |
|
SQL Injection in sqli (CVE-2024-53597)
SQL injection in sqli (CVE-2024-53597). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-7882 |
|
SQL Injection in sqli (CVE-2024-7882)
SQL injection in sqli (CVE-2024-7882). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-7837 |
|
SQL Injection in sqli (CVE-2024-7837)
SQL injection in sqli (CVE-2024-7837). Confidential information can be exposed externally.
|
| CVE-2024-7130 |
|
Cross-Site Scripting (XSS) in CVE-2024-7130 (CVE-2024-7130)
cross-site scripting in CVE-2024-7130 (CVE-2024-7130). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-7026 |
|
SQL Injection in sqli (CVE-2024-7026)
SQL injection in sqli (CVE-2024-7026). Confidential information can be exposed externally.
|
| CVE-2024-7016 |
|
Cross-Site Scripting (XSS) in smarttek (CVE-2024-7016)
cross-site scripting in smarttek (CVE-2024-7016). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-12401 |
|
Vulnerability in github.com/cert-manager/cert-manager (CVE-2024-12401)
vulnerability in github.com/cert-manager/cert-manager (CVE-2024-12401). Risk of unauthorized operations or information disclosure. Exploitable via ``pem.Decode``. Mitigation: upgrade to `1.16.2` or later.
|
| CVE-2024-52725 |
|
SQL Injection in sqli (CVE-2024-52725)
SQL injection in sqli (CVE-2024-52725). Confidential information can be exposed externally.
|
| CVE-2024-11404 |
|
Vulnerability in django-filer (CVE-2024-11404)
vulnerability in django-filer (CVE-2024-11404). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.3.0` or later.
|